[Git][security-tracker-team/security-tracker][master] libcoap2/bullseye

Bastien Roucariès (@rouca) rouca at debian.org
Sat Nov 29 11:03:28 GMT 2025 


Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
09ec0677 by Bastien Roucariès at 2025-11-29T12:02:50+01:00
libcoap2/bullseye

follow libcoap3 triagge

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -876,6 +876,7 @@ CVE-2025-65501 (Null pointer dereference in coap_dtls_info_callback() in OISM li
 	[trixie] - libcoap3 <no-dsa> (Minor issue)
 	[bookworm] - libcoap3 <no-dsa> (Minor issue)
 	- libcoap2 <removed>
+	[bullseye] - libcoap2 <postponed> (Minor issue)
 	NOTE: https://github.com/obgm/libcoap/issues/1748
 	NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65500 (NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_op ...)
@@ -883,6 +884,7 @@ CVE-2025-65500 (NULL pointer dereference in coap_dtls_generate_cookie() in src/c
 	[trixie] - libcoap3 <no-dsa> (Minor issue)
 	[bookworm] - libcoap3 <no-dsa> (Minor issue)
 	- libcoap2 <removed>
+	[bullseye] - libcoap2 <postponed> (Minor issue)
 	NOTE: https://github.com/obgm/libcoap/issues/1746
 	NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65499 (Array index error in tls_verify_call_back() in src/coap_openssl.c in O ...)
@@ -890,6 +892,7 @@ CVE-2025-65499 (Array index error in tls_verify_call_back() in src/coap_openssl.
 	[trixie] - libcoap3 <no-dsa> (Minor issue)
 	[bookworm] - libcoap3 <no-dsa> (Minor issue)
 	- libcoap2 <removed>
+	[bullseye] - libcoap2 <postponed> (Minor issue)
 	NOTE: https://github.com/obgm/libcoap/issues/1747
 	NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65498 (NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_op ...)
@@ -897,6 +900,7 @@ CVE-2025-65498 (NULL pointer dereference in coap_dtls_generate_cookie() in src/c
 	[trixie] - libcoap3 <no-dsa> (Minor issue)
 	[bookworm] - libcoap3 <no-dsa> (Minor issue)
 	- libcoap2 <removed>
+	[bullseye] - libcoap2 <postponed> (Minor issue)
 	NOTE: https://github.com/obgm/libcoap/issues/1746
 	NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65497 (NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_op ...)
@@ -904,6 +908,7 @@ CVE-2025-65497 (NULL pointer dereference in coap_dtls_generate_cookie() in src/c
 	[trixie] - libcoap3 <no-dsa> (Minor issue)
 	[bookworm] - libcoap3 <no-dsa> (Minor issue)
 	- libcoap2 <removed>
+	[bullseye] - libcoap2 <postponed> (Minor issue)
 	NOTE: https://github.com/obgm/libcoap/issues/1745
 	NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65496 (NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_op ...)
@@ -911,6 +916,7 @@ CVE-2025-65496 (NULL pointer dereference in coap_dtls_generate_cookie() in src/c
 	[trixie] - libcoap3 <no-dsa> (Minor issue)
 	[bookworm] - libcoap3 <no-dsa> (Minor issue)
 	- libcoap2 <removed>
+	[bullseye] - libcoap2 <postponed> (Minor issue)
 	NOTE: https://github.com/obgm/libcoap/issues/1745
 	NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65495 (Integer signedness error in tls_verify_call_back() in src/coap_openssl ...)
@@ -918,6 +924,7 @@ CVE-2025-65495 (Integer signedness error in tls_verify_call_back() in src/coap_o
 	[trixie] - libcoap3 <no-dsa> (Minor issue)
 	[bookworm] - libcoap3 <no-dsa> (Minor issue)
 	- libcoap2 <removed>
+	[bullseye] - libcoap2 <postponed> (Minor issue)
 	NOTE: https://github.com/obgm/libcoap/issues/1744
 	NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65494 (NULL pointer dereference in get_san_or_cn_from_cert() in src/coap_open ...)
@@ -925,6 +932,7 @@ CVE-2025-65494 (NULL pointer dereference in get_san_or_cn_from_cert() in src/coa
 	[trixie] - libcoap3 <no-dsa> (Minor issue)
 	[bookworm] - libcoap3 <no-dsa> (Minor issue)
 	- libcoap2 <removed>
+	[bullseye] - libcoap2 <postponed> (Minor issue)
 	NOTE: https://github.com/obgm/libcoap/issues/1745
 	NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-65493 (NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4.3.5 a ...)
@@ -932,6 +940,7 @@ CVE-2025-65493 (NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4
 	[trixie] - libcoap3 <no-dsa> (Minor issue)
 	[bookworm] - libcoap3 <no-dsa> (Minor issue)
 	- libcoap2 <removed>
+	[bullseye] - libcoap2 <postponed> (Minor issue)
 	NOTE: https://github.com/obgm/libcoap/issues/1743
 	NOTE: https://github.com/obgm/libcoap/pull/1750
 CVE-2025-64048 (YCCMS 3.4 contains a stored cross-site scripting (XSS) vulnerability i ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09ec0677a16e92361ee87d2d64c8ea10b50fd03b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09ec0677a16e92361ee87d2d64c8ea10b50fd03b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251129/a4d9a5d1/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list