[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-11678/libwebsockets

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
535e29e3 by Salvatore Bonaccorso at 2025-10-24T22:22:39+02:00
Add Debian bug reference for CVE-2025-11678/libwebsockets

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1878,7 +1878,7 @@ CVE-2025-11679 (Out-of-bounds Read in lws_upng_emit_next_line in warmcat libwebs
 	NOTE: Introduced in: https://libwebsockets.org/git/libwebsockets/commit?id=48907fca0a25c39ce35692c527cb8aa82ee60d85 (v4.4.0)
 	NOTE: Fixed in: https://libwebsockets.org/git/libwebsockets/commit?id=7df24cca7144d7bc9233b6b0a71108bd154ce101
 CVE-2025-11678 (Stack-based Buffer Overflowin lws_adns_parse_label in warmcat libwebso ...)
-	- libwebsockets <unfixed>
+	- libwebsockets <unfixed> (bug #1118746)
 	NOTE: https://libwebsockets.org/git/libwebsockets/commit?id=2bb9598562b37c942ba5b04bcde3f7fdf66a9d3a
 CVE-2025-11677 (Use After Free in WebSocket server implementation in lws_handshake_ser ...)
 	- libwebsockets <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/535e29e33be915b47afcd11f99adf400e3585d45

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/535e29e33be915b47afcd11f99adf400e3585d45
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251024/f2910a2d/attachment.htm>