[Git][security-tracker-team/security-tracker][master] Update information for CVE-2025-15467

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jan 27 15:36:13 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8b140ee7 by Salvatore Bonaccorso at 2026-01-27T16:35:34+01:00
Update information for CVE-2025-15467

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10,6 +10,12 @@ CVE-2025-15467 [Stack buffer overflow in CMS AuthEnvelopedData parsing]
 	- openssl <unfixed>
 	[bullseye] - openssl <not-affected> (Vulnerable code introduced later)
 	NOTE: https://openssl-library.org/news/secadv/20260127.txt
+	NOTE: Fixed by: https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc (openssl-3.5.5)
+	NOTE: Fixed by: https://github.com/openssl/openssl/commit/9f6338e92c96ffc70b0223bf5da0c134a8eef9fb (openssl-3.5.5)
+	NOTE: Test: https://github.com/openssl/openssl/commit/a114855991da05631cce17a52a143f10d80b4193 (openssl-3.5.5)
+	NOTE: Fixed by: https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e (openssl-3.0.19)
+	NOTE: Fixed by: https://github.com/openssl/openssl/commit/cdccf8f2ef17ae020bd69360c43a39306b89c381 (openssl-3.0.19)
+	NOTE: Test: https://github.com/openssl/openssl/commit/e0666f72294691a808443970b654412a6d92fa0f (openssl-3.0.19)
 CVE-2025-15468 [NULL dereference in SSL_CIPHER_find() function on unknown cipher ID]
 	- openssl <unfixed>
 	[bookworm] - openssl <not-affected> (Vulnerable code introduced later)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b140ee762658d4970ae25c0fc41bcf28dfdd0e8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b140ee762658d4970ae25c0fc41bcf28dfdd0e8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260127/8a9651a3/attachment.htm>

More information about the debian-security-tracker-commits mailing list