[Git][security-tracker-team/security-tracker][master] openvpn3-client is in the archive now

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Mar 18 09:04:38 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
517d448e by Moritz Muehlenhoff at 2025-03-18T10:04:09+01:00
openvpn3-client is in the archive now

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -115508,7 +115508,9 @@ CVE-2023-6806 (The Starbox plugin for WordPress is vulnerable to Stored Cross-Si
 CVE-2023-6565 (The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-6247 (The PKCS#7 parser in OpenVPN 3 Core Library versions through 3.8.3 did ...)
-	- openvpn3-client <itp> (bug #904044)
+	- openvpn3-client <unfixed>
+	NOTE: https://community.openvpn.net/openvpn/wiki/CVE-2023-6247
+	NOTE: https://github.com/OpenVPN/openvpn3/commit/afdfe1bb3f4c54e8794
 CVE-2023-52439 (In the Linux kernel, the following vulnerability has been resolved:  u ...)
 	{DLA-3841-1 DLA-3840-1}
 	- linux 6.6.13-1
@@ -310031,7 +310033,10 @@ CVE-2021-32608 (An issue was discovered in Smartstore (aka SmartStoreNET) throug
 CVE-2021-32607 (An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1. ...)
 	NOT-FOR-US: Smartstore
 CVE-2021-3547 (OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middl ...)
-	- openvpn3-client <itp> (bug #904044)
+	- openvpn3-client <not-affected> (Fixed before initial upload to the archive)
+	NOTE: https://community.openvpn.net/openvpn/wiki/CVE-2021-3547
+	NOTE: https://github.com/OpenVPN/openvpn3/commit/febf01ef68b84f1579684224c80149138b6d2dcc
+	NOTE: https://github.com/OpenVPN/openvpn3/commit/11f964076d1c8c394f679b00a0242424a98b88d8
 CVE-2021-32605 (zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrar ...)
 	NOT-FOR-US: zzzcms
 CVE-2021-32604 (Share/IncomingWizard.htm in SolarWinds Serv-U before 15.2.3 mishandles ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/517d448e27804be2c267da1a65755fbedc761fd7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/517d448e27804be2c267da1a65755fbedc761fd7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250318/bf961c5b/attachment.htm>

More information about the debian-security-tracker-commits mailing list