[Git][security-tracker-team/security-tracker][master] libcoap3 spu

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Aug 29 12:27:26 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3428c9ec by Moritz Mühlenhoff at 2025-08-29T13:26:55+02:00
libcoap3 spu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -150144,7 +150144,7 @@ CVE-2024-31031 (An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to ca
 	- libcoap <not-affected> (Vulnerable code not present)
 	- libcoap2 <not-affected> (Vulnerable code not present)
 	- libcoap3 4.3.5-1 (bug #1070362)
-	[trixie] - libcoap3 <ignored> (Minor issue, no reverse deps in trixie)
+	[trixie] - libcoap3 <no-dsa> (Will be fixed via point update)
 	[bookworm] - libcoap3 <ignored> (Minor issue, no reverse deps in Bookworm)
 	NOTE: https://github.com/obgm/libcoap/issues/1351
 	NOTE: https://github.com/obgm/libcoap/commit/214665ac4b44b1b6a7e38d4d6907ee835a174928 (v4.3.5-rc1)
@@ -172924,7 +172924,7 @@ CVE-2024-23738 (An issue in Postman version 10.22 and before on macOS allows a r
 	NOT-FOR-US: Postman on MacOS
 CVE-2024-0962 (A vulnerability was found in obgm libcoap 4.3.4. It has been rated as  ...)
 	- libcoap3 4.3.5-1 (bug #1061704)
-	[trixie] - libcoap3 <ignored> (Minor issue, no reverse deps in trixie)
+	[trixie] - libcoap3 <no-dsa> (Will be fixed via point update)
 	[bookworm] - libcoap3 <not-affected> (Vulnerable code not present)
 	- libcoap2 <not-affected> (Vulnerable code not present)
 	- libcoap <not-affected> (Vulnerable code not present)


=====================================
data/next-point-update.txt
=====================================
@@ -50,3 +50,7 @@ CVE-2025-58050
 	[trixie] - pcre2 10.46-1~deb13u1
 CVE-2025-40927
 	[trixie] - libcgi-simple-perl 1.282-1~deb13u1
+CVE-2024-0962
+	[trixie] - libcoap3 4.3.4-1.1+deb13u1
+CVE-2024-31031
+	[trixie] - libcoap3 4.3.4-1.1+deb13u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3428c9ec1c0979eadd933a07d3fb82887630a3f0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3428c9ec1c0979eadd933a07d3fb82887630a3f0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250829/9ed87738/attachment.htm>

More information about the debian-security-tracker-commits mailing list