[Git][security-tracker-team/security-tracker][master] Mark 389-ds-base as no-dsa and track update via trixie-pu

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 6 10:51:27 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e16b92f6 by Salvatore Bonaccorso at 2026-05-06T11:50:38+02:00
Mark 389-ds-base as no-dsa and track update via trixie-pu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -37499,6 +37499,8 @@ CVE-2025-40701 (Reflected Cross-Site Scripting vulnerability in SOTESHOP, versio
 	NOT-FOR-US: SOTESHOP
 CVE-2025-14905 (A flaw was found in the 389-ds-base server. A heap buffer overflow vul ...)
 	- 389-ds-base 3.1.2+vendor1-2 (bug #1130910)
+	[trixie] - 389-ds-base <no-dsa> (Minor issue; can be fixed via point release)
+	[bookworm] - 389-ds-base <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2423624
 	NOTE: Fixed by: https://github.com/389ds/389-ds-base/commit/2e424110def2e3998f6045e136fb0d43f47b7f5a (main)
 CVE-2026-2998 (ERP developed by eAI Technologies has a DLL Hijacking vulnerability, a ...)


=====================================
data/next-point-update.txt
=====================================
@@ -424,3 +424,5 @@ CVE-2026-28780
 	[trixie] - apache2 2.4.67-1~deb13u1
 CVE-2026-40254
 	[trixie] - freerdp3 3.15.0+dfsg-2.1+deb13u3
+CVE-2025-14905
+	[trixie] - 389-ds-base 3.1.2+dfsg1-1+deb13u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e16b92f6bdd8f6912727880d60ac4871e923d294

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e16b92f6bdd8f6912727880d60ac4871e923d294
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260506/9be5777f/attachment.htm>

More information about the debian-security-tracker-commits mailing list