[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2025-11411 as no-dsa for bookworm

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Dec 1 19:51:54 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2ab5a546 by Salvatore Bonaccorso at 2025-12-01T20:50:15+01:00
Mark CVE-2025-11411 as no-dsa for bookworm

- - - - -
163c3987 by Salvatore Bonaccorso at 2025-12-01T20:51:20+01:00
Track proposed update for unbound via bookworm-pu

- - - - -


2 changed files:

- data/CVE/list
- data/next-oldstable-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -10869,6 +10869,7 @@ CVE-2025-11750 (In langgenius/dify-web version 1.6.0, the authentication mechani
 CVE-2025-11411 (NLnet Labs Unbound up to and including version 1.24.2 is vulnerable to ...)
 	{DLA-4365-2 DLA-4365-1}
 	- unbound 1.24.2-1
+	[bookworm] - unbound <no-dsa> (Minor issue; will be fixed via point release for more exposure before release)
 	NOTE: https://www.nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt
 	NOTE: Fixed by: https://github.com/NLnetLabs/unbound/commit/a33f0638e1dacf2633cf2292078a674576bca852 (release-1.24.1)
 	NOTE: The original fix for CVE-2025-11411 was incomplete and required a followup


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -206,3 +206,5 @@ CVE-2025-53075
 	[bookworm] - rlottie 0.1+dfsg-4+deb12u1
 CVE-2025-53074
 	[bookworm] - rlottie 0.1+dfsg-4+deb12u1
+CVE-2025-11411
+	[bookworm] - unbound 1.17.1-2+deb12u4



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/305b3448490faeffd22a7c7a2ab031e21f8ce8ef...163c39879c7f3397d888b8e6b83cec0445e8c1ed

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/305b3448490faeffd22a7c7a2ab031e21f8ce8ef...163c39879c7f3397d888b8e6b83cec0445e8c1ed
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251201/dfd1f68c/attachment.htm>

More information about the debian-security-tracker-commits mailing list