[Git][security-tracker-team/security-tracker][master] Track several fixes for weechat issues via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat May 17 11:02:08 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cdb5f5cb by Salvatore Bonaccorso at 2025-05-17T11:59:22+02:00
Track several fixes for weechat issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -310,35 +310,35 @@ CVE-2025-37890 (In the Linux kernel, the following vulnerability has been resolv
- linux <unfixed>
NOTE: https://git.kernel.org/linus/141d34391abbb315d68556b7c67ad97885407547 (6.15-rc5)
CVE-2025-XXXX [Buffer overflow in range of chars in evaluated expressions]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-7/
NOTE: Fixed by: https://github.com/weechat/weechat/commit/3db2f71112ea85fa88b57f2c91be66a91ad7c078 (v4.6.3)
CVE-2025-XXXX [Buffer overflow in base 32 encoding in evaluated expressions]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-6/
NOTE: Fixed by: https://github.com/weechat/weechat/commit/09917a807bcd71adf25e51f24200e7b7a5b8ff6f (v4.6.3)
CVE-2025-XXXX [Buffer overflow in syntax highlighting of evaluated expressions]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
[bookworm] - weechat <not-affected> (Vulnerable code not present)
[bullseye] - weechat <not-affected> (Vulnerable code not present)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-5/
NOTE: Introduced with: https://github.com/weechat/weechat/commit/87f74e9f9544a7e3b7e4ffd0acc40841b8eb79e8 (v4.2.0)
NOTE: Fixed by: https://github.com/weechat/weechat/commit/334f88ae2c5f221e63b163a3c3ad4c98e437be35 (v4.6.3)
CVE-2025-XXXX [Buffer overflow in parsing of date/time]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-4/
NOTE: Introduced with: https://github.com/weechat/weechat/commit/f6ba789c3d33bdc1bcc6c00e9660ffbd9f2ba514 (v4.2.0)
NOTE: Fixed by: https://github.com/weechat/weechat/commit/2e146456913b6bc21b65dc89c69bce17b83e6264 (v4.6.3)
CVE-2025-XXXX [Integer overflow in conversion of version to an integer]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-3/
NOTE: Fixed by: https://github.com/weechat/weechat/commit/5839df90e7d4f5680186c2d2993d5701115d8c78 (v4.6.3)
CVE-2025-XXXX [Integer overflow in base32 decode/encode functions]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-2/
NOTE: Fixed by: https://github.com/weechat/weechat/commit/60824530026d2461220fa7c7c99c0278665e2150 (v4.6.3)
CVE-2025-XXXX [Integer overflow with decimal numbers in calculation of expression]
- - weechat <unfixed> (bug #1104554)
+ - weechat 4.6.3-1 (bug #1104554)
NOTE: https://weechat.org/doc/weechat/security/WSA-2025-1/
NOTE: Fixed by: https://github.com/weechat/weechat/commit/d0568dce79c350a4c11609c66587bc3e4cc00eba (v4.6.3)
CVE-2025-4759 (Versions of the package lockfile-lint-api before 5.9.2 are vulnerable ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cdb5f5cb93eceb4e255b51230c270a95e368be24
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cdb5f5cb93eceb4e255b51230c270a95e368be24
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250517/7db3b0c1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list