[Git][security-tracker-team/security-tracker][master] Add CVE-2025-29785/golang-github-lucas-clemente-quic-go
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jun 2 21:44:25 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
68497da2 by Salvatore Bonaccorso at 2025-06-02T22:44:04+02:00
Add CVE-2025-29785/golang-github-lucas-clemente-quic-go
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -104,7 +104,10 @@ CVE-2025-37090 (A server-side request forgery vulnerabilityexists in HPE StoreOn
CVE-2025-37089 (A command injection remote code execution vulnerability exists in HPE ...)
NOT-FOR-US: HPE
CVE-2025-29785 (quic-go is an implementation of the QUIC protocol in Go. The loss reco ...)
- TODO: check
+ - golang-github-lucas-clemente-quic-go 0.50.1-1
+ NOTE: https://github.com/quic-go/quic-go/security/advisories/GHSA-j972-j939-p2v3
+ NOTE: https://github.com/quic-go/quic-go/issues/4981
+ NOTE: Fixed by: https://github.com/quic-go/quic-go/commit/b90058aba5f65f48e0e150c89bbaa21a72dda4de (v0.50.1)
CVE-2025-27956 (Directory Traversal vulnerability in WebLaudos 24.2 (04) allows a remo ...)
NOT-FOR-US: WebLaudos
CVE-2025-27955 (Clinical Collaboration Platform 12.2.1.5 has a weak logout system wher ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68497da29eb7a7f5038d8ee94a4d698d273bfa83
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68497da29eb7a7f5038d8ee94a4d698d273bfa83
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250602/cbaab002/attachment.htm>
More information about the debian-security-tracker-commits
mailing list