[Debian-iot-maintainers] Bug#1111535: mbedtls: CVE-2025-47917
Naaz, Syeda Shagufta
syedashagufta.naaz at siemens.com
Tue Aug 19 08:05:47 BST 2025
Source: mbedtls
Version: 2.28.3-1
Severity: important
Tags: bookworm security
CVE-ID: CVE-2025-47917
Hi,
The following vulnerability affects the Bookworm mbedtls package version 2.28.3-1.
CVE-2025-47917:
Misleading memory management in mbedtls_x509_string_to_names()
This issue appears to have already been fixed in the mbedtls/3.6.4-1.
But Bookworm version is still vulnerable.
Regards,
Syeda Shagufta Naaz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-iot-maintainers/attachments/20250819/a9b23c98/attachment.htm>
More information about the Debian-iot-maintainers
mailing list