[Git][security-tracker-team/security-tracker][master] CVE-2025-2704/bullseye
Bastien Roucariès (@rouca)
rouca at debian.org
Mon Apr 21 23:22:57 BST 2025
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
475d855f by Bastien Roucariès at 2025-04-22T00:22:22+02:00
CVE-2025-2704/bullseye
not vulnerable code introduced later
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6331,6 +6331,7 @@ CVE-2025-27556 (An issue was discovered in Django 5.1 before 5.1.8 and 5.0 befor
NOTE: https://www.djangoproject.com/weblog/2025/apr/02/security-releases/
CVE-2025-2704 (OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 ...)
- openvpn 2.6.14-1 (bug #1101935)
+ [bullseye] - openvpn <not-affected> (vulnerable code introduced later)
NOTE: https://community.openvpn.net/openvpn/wiki/CVE-2025-2704
NOTE: Introduced after: https://github.com/OpenVPN/openvpn/commit/788ce35cf09aff09b79f428cdd6cfc0ff8627934 (v2.6_beta1)
NOTE: Fixed by: https://github.com/OpenVPN/openvpn/commit/d3015bfd65348db629dab51e20a9d4e2f3b23493 (v2.6.14)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/475d855f952828d2371f505974927f0e186b9c20
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/475d855f952828d2371f505974927f0e186b9c20
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250421/1e55bba5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list