[Git][security-tracker-team/security-tracker][master] Add CVE-2025-59530/golang-github-lucas-clemente-quic-go

Sun Oct 12 06:34:26 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5a4469d9 by Salvatore Bonaccorso at 2025-10-12T07:33:34+02:00
Add CVE-2025-59530/golang-github-lucas-clemente-quic-go

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -298,7 +298,12 @@ CVE-2025-60269 (JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls
 CVE-2025-60268 (An arbitrary file upload vulnerability exists in JeeWMS 20250820, whic ...)
 	NOT-FOR-US: JeeWMS
 CVE-2025-59530 (quic-go is an implementation of the QUIC protocol in Go. In versions p ...)
-	TODO: check
+	- golang-github-lucas-clemente-quic-go 0.54.1-1
+	NOTE: https://github.com/quic-go/quic-go/security/advisories/GHSA-47m2-4cr7-mhcw
+	NOTE: https://github.com/quic-go/quic-go/pull/5354
+	NOTE: Fixed by: https://github.com/quic-go/quic-go/commit/ce7c9ea8834b9d2ed79efa9269467f02c0895d42 (v0.55.0)
+	NOTE: Fixed by: https://github.com/quic-go/quic-go/commit/0264fbc02e94a24370ff68005e02aa53f10add58 (v0.54.1)
+	NOTE: Fixed by: https://github.com/quic-go/quic-go/commit/275c172fec2b4dae0eea5ac2052a28848b4363ea (v0.49.1)
 CVE-2025-55903 (A HTML injection vulnerability exists in Perfex CRM v3.3.1. The applic ...)
 	NOT-FOR-US: Perfex CRM
 CVE-2025-52655 (Inclusion of Functionality from Untrusted Control Sphere vulnerability ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a4469d94fc107a8052666c0247c789ffd328eb8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a4469d94fc107a8052666c0247c789ffd328eb8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251012/53df5334/attachment-0001.htm>
