[Git][security-tracker-team/security-tracker][master] 2 commits: suricata: Update infos on latest CVEs for 8.0.2 / 7.0.13
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Nov 29 15:55:21 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fedc9d2e by Andreas Dolp at 2025-11-29T12:42:39+01:00
suricata: Update infos on latest CVEs for 8.0.2 / 7.0.13
CVE-2025-64344
CVE-2025-64335
CVE-2025-64334
CVE-2025-64333
CVE-2025-64332
CVE-2025-64331
CVE-2025-64330
- - - - -
346c1bb2 by Salvatore Bonaccorso at 2025-11-29T16:55:13+01:00
Merge branch 'users/ecite/suricata-cves-20251129-add-notes' into 'master'
suricata: Update infos on latest CVEs for 8.0.2 / 7.0.13
See merge request security-tracker-team/security-tracker!250
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -243,7 +243,8 @@ CVE-2025-64344 (Suricata is a network IDS, IPS and NSM engine developed by the O
- suricata 1:8.0.2-1
NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-93fh-cgmc-w3rx
NOTE: https://redmine.openinfosecfoundation.org/issues/8065
- NOTE: https://github.com/OISF/suricata/commit/e13fe6a90dba210a478148c4084f6f5db17c5b5a (suricata-8.0.2)
+ NOTE: Fixed by: https://github.com/OISF/suricata/commit/d364b04a595facd5980c44f4f9ea39319999bf66 (suricata-8.0.2)
+ NOTE: Fixed by: https://github.com/OISF/suricata/commit/a7ff4c9ba53009680c7cd128b16c28d0aeda9886 (suricata-7.0.13)
CVE-2025-64335 (Suricata is a network IDS, IPS and NSM engine developed by the OISF (O ...)
- suricata 1:8.0.2-1
NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-v299-h7p3-q4f2
@@ -258,20 +259,26 @@ CVE-2025-64333 (Suricata is a network IDS, IPS and NSM engine developed by the O
- suricata 1:8.0.2-1
NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-537h-xxmx-v87m
NOTE: https://redmine.openinfosecfoundation.org/issues/8056 (private)
+ NOTE: Fixed by: https://github.com/OISF/suricata/commit/efe7aeb145e7dd1f14db3deff9c0d9900b34ecba (suricata-8.0.2)
+ NOTE: Fixed by: https://github.com/OISF/suricata/commit/4b1d284bb57219b6677a8bda5cdc14a24a6aa22d (suricata-7.0.13)
CVE-2025-64332 (Suricata is a network IDS, IPS and NSM engine developed by the OISF (O ...)
- suricata 1:8.0.2-1
NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-p32q-7wcp-gv92
- NOTE: https://redmine.openinfosecfoundation.org/issues/8055
+ NOTE: https://redmine.openinfosecfoundation.org/issues/8055 (private)
NOTE: Fixed by: https://github.com/OISF/suricata/commit/ad446c9006a77490af51c468aae0ce934f4d2117 (suricata-8.0.2)
+ NOTE: Fixed by: https://github.com/OISF/suricata/commit/f67d72702a2601d0a86ac1450686e70d7176f629 (suricata-7.0.13)
CVE-2025-64331 (Suricata is a network IDS, IPS and NSM engine developed by the OISF (O ...)
- suricata 1:8.0.2-1
NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-v32w-j79x-pfj2
NOTE: https://redmine.openinfosecfoundation.org/issues/8004 (private)
+ NOTE: Fixed by: https://github.com/OISF/suricata/commit/647bfad14d43b5abce1459e9af23851d342027a0 (suricata-8.0.2)
+ NOTE: Fixed by: https://github.com/OISF/suricata/commit/5abf9b81e78476f49ab074f3a74b5840747cd069 (suricata-7.0.13)
CVE-2025-64330 (Suricata is a network IDS, IPS and NSM engine developed by the OISF (O ...)
- suricata 1:8.0.2-1
NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-83v7-gm34-f437
- NOTE: https://redmine.openinfosecfoundation.org/issues/8021
+ NOTE: https://redmine.openinfosecfoundation.org/issues/8021 (private)
NOTE: Fixed by: https://github.com/OISF/suricata/commit/482e5eac9218d007adbe2410d6c00173368ce947 (suricata-8.0.2)
+ NOTE: Fixed by: https://github.com/OISF/suricata/commit/5d6c24cc2ce6a390c0956b7ecb2c5efc47e72abc (suricata-7.0.13)
CVE-2025-62593 (Ray is an AI compute engine. Prior to version 2.52.0, developers worki ...)
NOT-FOR-US: Ray
CVE-2025-3784 (Cleartext Storage of Sensitive Information Vulnerability in GX Works2 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4f442000cc87c66eadd9a4d433ac1a2f47cd072c...346c1bb2cf5f1628b601f96d05be3b6bb26c9d8f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4f442000cc87c66eadd9a4d433ac1a2f47cd072c...346c1bb2cf5f1628b601f96d05be3b6bb26c9d8f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251129/98502080/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list