[Git][security-tracker-team/security-tracker][master] Add three new radare2 issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Oct 17 21:55:13 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bff03635 by Salvatore Bonaccorso at 2025-10-17T22:54:50+02:00
Add three new radare2 issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29,11 +29,17 @@ CVE-2025-62168 (Squid is a caching proxy for the Web. In Squid versions prior to
CVE-2025-60514 (Tillywork v0.1.3 and below is vulnerable to SQL Injection in app/commo ...)
NOT-FOR-US: Tillywork
CVE-2025-60361 (radare2 v5.9.8 and before contains a memory leak in the function bochs ...)
- TODO: check
+ - radare2 6.0.4+dfsg-1
+ NOTE: https://github.com/radareorg/radare2/pull/24312
+ NOTE: https://github.com/radareorg/radare2/commit/090dec1fe3204b2d1da6a6cfba286009e0dca128 (6.0.0)
CVE-2025-60360 (radare2 v5.9.8 and before contains a memory leak in the function r2r_s ...)
- TODO: check
+ - radare2 6.0.4+dfsg-1
+ NOTE: https://github.com/radareorg/radare2/pull/24245
+ NOTE: https://github.com/radareorg/radare2/commit/446671dafa81aa377305369796f03f31ed674bd9 (6.0.0)
CVE-2025-60359 (radare2 v5.9.8 and before contains a memory leak in the function r_bin ...)
- TODO: check
+ - radare2 6.0.4+dfsg-1
+ NOTE: https://github.com/radareorg/radare2/pull/24215
+ NOTE: https://github.com/radareorg/radare2/commit/a35c2895e0f820f5cbfa5e78ec1d4bfd981c7c6f (6.0.0)
CVE-2025-60279 (A server-side request forgery (SSRF) vulnerability in Illia Cloud illi ...)
NOT-FOR-US: Illia
CVE-2025-59043 (OpenBao is an open source identity-based secrets management system. In ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bff036355e4fdb3bb54bb60dd933a2decdb15e01
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bff036355e4fdb3bb54bb60dd933a2decdb15e01
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251017/0f0905ab/attachment.htm>
More information about the debian-security-tracker-commits
mailing list