[Git][security-tracker-team/security-tracker][master] Patch for CVE-2025-57804/python-h2 is a two-parter
Daniel Leidert (@dleidert)
dleidert at debian.org
Tue Sep 2 16:10:38 BST 2025
Daniel Leidert pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2f0b2a51 by Daniel Leidert at 2025-09-02T17:10:03+02:00
Patch for CVE-2025-57804/python-h2 is a two-parter
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1731,6 +1731,7 @@ CVE-2025-57805 (The Scratch Channel is a news website. In versions 1 and 1.1, a
CVE-2025-57804 (h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior t ...)
- python-h2 <unfixed> (bug #1112348)
NOTE: https://github.com/python-hyper/h2/security/advisories/GHSA-847f-9342-265h
+ NOTE: https://github.com/python-hyper/h2/commit/883ed37be42592b2f0aa0caddab6ca5e3d668fa3 (v4.3.0)
NOTE: https://github.com/python-hyper/h2/commit/035e9899f95e3709af098f578bfc3cd302298e3a (v4.3.0)
CVE-2025-57704 (Delta Electronics EIP Builder version 1.11 is vulnerable to a File Par ...)
NOT-FOR-US: Delta Electronics
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f0b2a51f7d8398dad1387a01ca5988a45603c66
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f0b2a51f7d8398dad1387a01ca5988a45603c66
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250902/9fe85746/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list