[Git][security-tracker-team/security-tracker][master] 2 commits: lts: CVE-2025-13878/bind9 n/a on bullseye

Emilio Pozuelo Monfort (@pochu) pochu at debian.org
Thu Jan 22 13:38:09 GMT 2026 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e1e34cae by Emilio Pozuelo Monfort at 2026-01-22T14:37:48+01:00
lts: CVE-2025-13878/bind9 n/a on bullseye

- - - - -
428f2fd9 by Emilio Pozuelo Monfort at 2026-01-22T14:37:50+01:00
lts: python2.7 EOL on bullseye

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -76,6 +76,7 @@ CVE-2025-57681 (The WorklogPRO - Timesheets for Jira plugin in Jira Data Center
 	NOT-FOR-US: WorklogPRO Timesheets for Jira plugin
 CVE-2025-13878 (Malformed BRID/HHIT records can cause `named` to terminate unexpectedl ...)
 	- bind9 <unfixed>
+	[bullseye] - bind9 <not-affected> (BRID/HHIT rdata types introduced later)
 	NOTE: https://kb.isc.org/docs/cve-2025-13878
 	NOTE: Fixed by: https://gitlab.isc.org/isc-projects/bind9/-/commit/d556bde1231edf81427d577e35f48f764b6a37b8 (v9.18.44)
 	NOTE: Fixed by: https://gitlab.isc.org/isc-projects/bind9/-/commit/d4c0d617015625330f08a3f86a10a533cec0f6ec (v9.20.18)
@@ -385,6 +386,7 @@ CVE-2026-0865 (User-controlled header names and values containing newlines can a
 	- python3.11 <removed>
 	- python3.9 <removed>
 	- python2.7 <removed>
+	[bullseye] - python2.7 <end-of-life> (EOL in bullseye LTS)
 	- pypy3 <unfixed>
 	NOTE: https://github.com/python/cpython/pull/143917
 	NOTE: https://github.com/python/cpython/issues/143916
@@ -474,6 +476,7 @@ CVE-2025-11468 (When folding a long comment in an email header containing exclus
 	- python3.11 <removed>
 	- python3.9 <removed>
 	- python2.7 <removed>
+	[bullseye] - python2.7 <end-of-life> (EOL in bullseye LTS)
 	- pypy3 <unfixed>
 	- jython <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/python/cpython/issues/143935



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e96caaad99196a941a674bbb57c668ddb75622b7...428f2fd9aa44313a8254cbcca127572dddfdedfa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e96caaad99196a941a674bbb57c668ddb75622b7...428f2fd9aa44313a8254cbcca127572dddfdedfa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260122/cadae6bd/attachment.htm>

More information about the debian-security-tracker-commits mailing list