[Git][security-tracker-team/security-tracker][master] Track fixes for wolfssl issues fixed via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Mar 20 20:21:02 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
173f69f2 by Salvatore Bonaccorso at 2026-03-20T21:20:27+01:00
Track fixes for wolfssl issues fixed via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -260,11 +260,11 @@ CVE-2026-4465 (A flaw has been found in D-Link DIR-513 1.10. The impacted elemen
 CVE-2026-4428 (A logic error in CRL distribution point validation in AWS-LC before 1. ...)
 	NOT-FOR-US: Amazon
 CVE-2026-4395 (Heap-based buffer overflow in the KCAPI ECC code path of wc_ecc_import ...)
-	- wolfssl <unfixed>
+	- wolfssl 5.9.0-0.1
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/9988
 	NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/ddc177b669cff9d3c7e1b51751f9df73062b872a (v5.9.0-stable)
 CVE-2026-4159 (1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length e ...)
-	- wolfssl <unfixed>
+	- wolfssl 5.9.0-0.1
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/9945
 	NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/d37b51c3cef6897e117364ab8b1a257e52a634c0 (v5.9.0-stable)
 CVE-2026-4136 (The Membership Plugin \u2013 Restrict Content plugin for WordPress is  ...)
@@ -274,13 +274,13 @@ CVE-2026-4038 (The Aimogen Pro plugin for WordPress is vulnerable to Arbitrary F
 CVE-2026-3948
 	REJECTED
 CVE-2026-3849 (Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Confi ...)
-	- wolfssl <unfixed>
+	- wolfssl 5.9.0-0.1
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/9737
 CVE-2026-3549 (Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in  ...)
-	- wolfssl <unfixed>
+	- wolfssl 5.9.0-0.1
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/9817
 CVE-2026-3547 (Out-of-bounds read in ALPN parsing due to incomplete validation. wolfS ...)
-	- wolfssl <unfixed>
+	- wolfssl 5.9.0-0.1
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/9859
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/9860
 	NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/9d3cc6e30c778b124002cc45b7974d718b6649fd (v5.9.0-stable)
@@ -786,21 +786,21 @@ CVE-2026-4424 (A flaw was found in libarchive. This heap out-of-bounds read vuln
 CVE-2026-3658 (The Appointment Booking Calendar \u2014 Simply Schedule Appointments B ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-3580 (In wolfSSL 5.8.4, constant-time masking logic in sp_256_get_entry_256_ ...)
-	- wolfssl <unfixed>
+	- wolfssl 5.9.0-0.1
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/9855
 	NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/71226b68b69404206c74694715f11bb6630750dc (v5.9.0-stable)
 CVE-2026-3579 (wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time soft ...)
-	- wolfssl <unfixed>
+	- wolfssl 5.9.0-0.1
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/9855
 	NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/71226b68b69404206c74694715f11bb6630750dc (v5.9.0-stable)
 CVE-2026-3548 (Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser  ...)
-	- wolfssl <unfixed>
+	- wolfssl 5.9.0-0.1
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/9628/
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/9873/
 CVE-2026-3511 (Improper Restriction of XML External Entity Reference vulnerability in ...)
 	NOT-FOR-US: Slovensko.Digital Autogram
 CVE-2026-3503 (Protection mechanism failure in wolfCrypt post-quantum implementations ...)
-	- wolfssl <unfixed>
+	- wolfssl 5.9.0-0.1
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/9734
 	NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/65a1a6887747949ed148d8be3350b86ecff24fbc (v5.9.0-stable)
 CVE-2026-3029 (A path traversal and arbitrary file write vulnerability exist in the e ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/173f69f2b571613b030185dcf420b2bd893cd14b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/173f69f2b571613b030185dcf420b2bd893cd14b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260320/3ee3eeba/attachment.htm>

More information about the debian-security-tracker-commits mailing list