[Git][security-tracker-team/security-tracker][master] CVE-2025-13086: Add functional prerequisite commit for fixing commit
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Nov 28 15:59:16 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e3d8fadf by Salvatore Bonaccorso at 2025-11-28T16:58:19+01:00
CVE-2025-13086: Add functional prerequisite commit for fixing commit
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2043,6 +2043,7 @@ CVE-2025-13086 [HMAC verification check: fix incorrect memcmp() call]
[bullseye] - openvpn <not-affected> (Vulnerable code not present)
NOTE: https://community.openvpn.net/Security%20Announcements/CVE-2025-13086
NOTE: Introduced with: https://github.com/OpenVPN/openvpn/commit/b364711486dc6371ad2659a5aa190941136f4f04 (v2.6_beta1)
+ NOTE: Prerequisite: https://github.com/OpenVPN/openvpn/commit/68c01720eecc1772b3f648b9e043e396d943f632 (v2.6.15)
NOTE: Fixed by: https://github.com/OpenVPN/openvpn/commit/18c483dd6031d86eb393527855734e8cd62fea19 (v2.7_rc2)
NOTE: Fixed by: https://github.com/OpenVPN/openvpn/commit/fa6a1824b0f37bff137204156a74ca28cf5b6f83 (v2.6.16)
CVE-2025-64438
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3d8fadf8762e118609e5927399323374a4f9846
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3d8fadf8762e118609e5927399323374a4f9846
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251128/6e73ab8e/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list