[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-14905/389-ds-base

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
da8962e7 by Salvatore Bonaccorso at 2026-03-15T21:11:30+01:00
Add Debian bug reference for CVE-2025-14905/389-ds-base

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8778,10 +8778,9 @@ CVE-2025-40986 (Reflected Cross-Site Scripting (XSS) vulnerability in PideTuCita
 CVE-2025-40701 (Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3. ...)
 	NOT-FOR-US: SOTESHOP
 CVE-2025-14905 (A flaw was found in the 389-ds-base server. A heap buffer overflow vul ...)
-	- 389-ds-base <unfixed>
+	- 389-ds-base <unfixed> (bug #1130910)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2423624
-	TODO: check details
-	NOTE: Fixed by: https://github.com/389ds/389-ds-base/commit/2e424110def2e3998f6045e136fb0d43f47b7f5a
+	NOTE: Fixed by: https://github.com/389ds/389-ds-base/commit/2e424110def2e3998f6045e136fb0d43f47b7f5a (main)
 CVE-2026-2998 (ERP developed by eAI Technologies has a DLL Hijacking vulnerability, a ...)
 	NOT-FOR-US: ERP eAI Technologies
 CVE-2026-2997 (Tronclass developed by WisdomGarden has a Insecure Direct Object Refer ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/da8962e7f54ff79b82a7443d92eff19175e7635a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/da8962e7f54ff79b82a7443d92eff19175e7635a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260315/be08e425/attachment.htm>