[Git][security-tracker-team/security-tracker][master] Add upstream tag information for openvpn3-client issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Mar 18 19:48:35 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7d599c20 by Salvatore Bonaccorso at 2025-03-18T20:48:06+01:00
Add upstream tag information for openvpn3-client issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -115525,7 +115525,7 @@ CVE-2023-6565 (The InfiniteWP Client plugin for WordPress is vulnerable to Sensi
 CVE-2023-6247 (The PKCS#7 parser in OpenVPN 3 Core Library versions through 3.8.3 did ...)
 	- openvpn3-client <unfixed>
 	NOTE: https://community.openvpn.net/openvpn/wiki/CVE-2023-6247
-	NOTE: https://github.com/OpenVPN/openvpn3/commit/afdfe1bb3f4c54e8794
+	NOTE: https://github.com/OpenVPN/openvpn3/commit/afdfe1bb3f4c54e879429950b95e5c0e29b1a77d (release/3.8.4)
 CVE-2023-52439 (In the Linux kernel, the following vulnerability has been resolved:  u ...)
 	{DLA-3841-1 DLA-3840-1}
 	- linux 6.6.13-1
@@ -310050,8 +310050,8 @@ CVE-2021-32607 (An issue was discovered in Smartstore (aka SmartStoreNET) throug
 CVE-2021-3547 (OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middl ...)
 	- openvpn3-client <not-affected> (Fixed before initial upload to the archive)
 	NOTE: https://community.openvpn.net/openvpn/wiki/CVE-2021-3547
-	NOTE: https://github.com/OpenVPN/openvpn3/commit/febf01ef68b84f1579684224c80149138b6d2dcc
-	NOTE: https://github.com/OpenVPN/openvpn3/commit/11f964076d1c8c394f679b00a0242424a98b88d8
+	NOTE: https://github.com/OpenVPN/openvpn3/commit/febf01ef68b84f1579684224c80149138b6d2dcc (release/3.6.2)
+	NOTE: https://github.com/OpenVPN/openvpn3/commit/11f964076d1c8c394f679b00a0242424a98b88d8 (release/3.6.2)
 CVE-2021-32605 (zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrar ...)
 	NOT-FOR-US: zzzcms
 CVE-2021-32604 (Share/IncomingWizard.htm in SolarWinds Serv-U before 15.2.3 mishandles ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d599c20bd0f6a5a28c84e6cacd05ac3b3402784

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d599c20bd0f6a5a28c84e6cacd05ac3b3402784
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250318/183fa55c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list