[Git][security-tracker-team/security-tracker][master] lts: two libwebsockets issues n/a on bullseye
Emilio Pozuelo Monfort (@pochu)
pochu at debian.org
Thu Oct 23 12:12:48 BST 2025
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d9abb349 by Emilio Pozuelo Monfort at 2025-10-23T13:12:17+02:00
lts: two libwebsockets issues n/a on bullseye
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1406,9 +1406,11 @@ CVE-2025-11979 (An authorized user may crash the MongoDB server by causing buffe
- mongodb <removed>
CVE-2025-11680 (Out-of-bounds Write in unfilter_scanline in warmcat libwebsockets allo ...)
- libwebsockets <unfixed>
+ [bullseye] - libwebsockets <not-affected> (lws_upng introduced in 4.4.0)
NOTE: https://libwebsockets.org/git/libwebsockets/commit?id=2b715249f39291c86443b969a1088d59b6a89b78
CVE-2025-11679 (Out-of-bounds Read in lws_upng_emit_next_line in warmcat libwebsockets ...)
- libwebsockets <unfixed>
+ [bullseye] - libwebsockets <not-affected> (lws_upng introduced in 4.4.0)
NOTE: https://libwebsockets.org/git/libwebsockets/commit?id=7df24cca7144d7bc9233b6b0a71108bd154ce101
CVE-2025-11678 (Stack-based Buffer Overflowin lws_adns_parse_label in warmcat libwebso ...)
- libwebsockets <unfixed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9abb3491061b95f3dc560c74198bdbf8fc1dfd4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9abb3491061b95f3dc560c74198bdbf8fc1dfd4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251023/f92e9bf7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list