[Git][security-tracker-team/security-tracker][master] Reserve DSA number for openssl update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Oct 1 13:58:07 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e14b7bff by Salvatore Bonaccorso at 2025-10-01T14:57:33+02:00
Reserve DSA number for openssl update

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -337,6 +337,7 @@ CVE-2025-9230 (Issue summary: An application trying to decrypt CMS messages encr
 	NOTE: https://openssl-library.org/news/secadv/20250930.txt
 CVE-2025-9231 (Issue summary: A timing side-channel which could potentially allow rem ...)
 	- openssl 3.5.4-1
+	[trixie] - openssl 3.5.1-1+deb13u1
 	[bookworm] - openssl <not-affected> (Vulnerable code not present)
 	[bullseye] - openssl <not-affected> (Vulnerable code not present)
 	NOTE: https://openssl-library.org/news/secadv/20250930.txt


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[01 Oct 2025] DSA-6015-1 openssl - security update
+	{CVE-2025-9230 CVE-2025-9232}
+	[bookworm] - openssl 3.0.17-1~deb12u3
+	[trixie] - openssl 3.5.1-1+deb13u1
 [28 Sep 2025] DSA-6014-1 gimp - security update
 	{CVE-2025-10920 CVE-2025-10922 CVE-2025-10923 CVE-2025-10924}
 	[trixie] - gimp 3.0.4-3+deb13u1


=====================================
data/dsa-needed.txt
=====================================
@@ -51,8 +51,6 @@ netty
 opennds/oldstable
   pinged maintainer, but no reply yet. should most probably be bumped to 10.x
 --
-openssl (carnil)
---
 pagure/oldstable (jmm)
 --
 php-laravel-framework/oldstable



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e14b7bff5bda17b930ec0632ad441639a53a0b68

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e14b7bff5bda17b930ec0632ad441639a53a0b68
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251001/74b7fec2/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list