[oss-security] ISC has disclosed one vulnerability in Kea (CVE-2025-11232)

Wed, 29 Oct 2025 10:55:32 -0700

On 29 October 2025 we (Internet Systems Consortium) disclosed one vulnerability affecting our Kea software:
- CVE-2025-11232:       Invalid characters cause assert https://kb.isc.org/docs/cve-2025-11232 


New versions of Kea 3.0.2 and 3.1.3 are available from 
https://www.isc.org/downloads



With the public announcement of these vulnerabilities, the embargo 
period is ended and any updated software packages that have been 
prepared may be released.



Włodek Wencel




Attachment:
OpenPGP_0x2F58CA1ABCCB2572.asc

Description: OpenPGP public key



Attachment:
OpenPGP_signature.asc

Description: OpenPGP digital signature














    











					Reply via email to