[Git][security-tracker-team/security-tracker][master] CVE-2025-32989/gnutls28 does not affect bullseye
Adrian Bunk (@bunk)
bunk at debian.org
Sat Aug 9 16:20:08 BST 2025
Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker
Commits:
abe5afd7 by Adrian Bunk at 2025-08-09T18:19:39+03:00
CVE-2025-32989/gnutls28 does not affect bullseye
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7874,8 +7874,10 @@ CVE-2025-32990 (A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS
CVE-2025-32989 (A heap-buffer-overread vulnerability was found in GnuTLS in how it han ...)
{DSA-5962-1}
- gnutls28 3.8.9-3
+ [bullseye] - gnutls28 <not-affected> (Vulnerable code introduced later)
NOTE: https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html
NOTE: https://gitlab.com/gnutls/gnutls/-/issues/1695
+ NOTE: Introduced by: https://gitlab.com/gnutls/gnutls/-/commit/242abb6945cbb56c4a41c393d0253ea5b9d3a36a (3.7.3)
NOTE: Fixed by: https://gitlab.com/gnutls/gnutls/-/commit/8e5ca951257202089246fa37e93a99d210ee5ca2 (3.8.10)
CVE-2025-32988 (A flaw was found in GnuTLS. A double-free vulnerability exists in GnuT ...)
{DSA-5962-1}
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abe5afd712a406dcf8881f4097cf659780e87b09
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abe5afd712a406dcf8881f4097cf659780e87b09
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250809/6fae50e9/attachment.htm>
More information about the debian-security-tracker-commits
mailing list