bullseye

@rouca Fri, 28 Nov 2025 15:23:53 -0800


Bastien Roucariès pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9425b18c by Bastien Roucariès at 2025-11-29T00:23:14+01:00
wolfssl/bullseye

follow bookwomr

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1198,6 +1198,7 @@ CVE-2025-12889 (With TLS 1.2 connections a client can use 
any digest, specifical
        - wolfssl <unfixed> (bug #1121205)
        [trixie] - wolfssl <no-dsa> (Minor issue)
        [bookworm] - wolfssl <no-dsa> (Minor issue)
+       [bullseye] - wolfssl <postponed> (Minor issue)
        NOTE: https://github.com/wolfSSL/wolfssl/pull/9395
        NOTE: Fixed by: 
https://github.com/wolfSSL/wolfssl/commit/58bd6a8d9431f16b3745cae4d4dd504a8c170eb0
 (v5.8.4-stable)
        NOTE: Fixed by: 
https://github.com/wolfSSL/wolfssl/commit/f54ca0d481fae9bfa86011ff37d2911c824be073
 (v5.8.4-stable)
@@ -1205,6 +1206,7 @@ CVE-2025-12888 (Vulnerability in X25519 constant-time 
cryptographic implementati
        - wolfssl <unfixed> (bug #1121204)
        [trixie] - wolfssl <no-dsa> (Minor issue)
        [bookworm] - wolfssl <no-dsa> (Minor issue)
+       [bullseye] - wolfssl <postponed> (Minor issue)
        NOTE: https://github.com/wolfSSL/wolfssl/pull/9275
        NOTE: Fixed by: 
https://github.com/wolfSSL/wolfssl/commit/c161cbd9f3fa1247382bb5b6269c7379222cabf5
 (v5.8.4-stable)
 CVE-2025-12877 (The IDonate \u2013 Blood Donation, Request And Donor 
Management System ...)
@@ -1217,36 +1219,42 @@ CVE-2025-11936 (Improper input validation in the TLS 
1.3 KeyShareEntry parsing i
        - wolfssl <unfixed> (bug #1121202)
        [trixie] - wolfssl <no-dsa> (Minor issue)
        [bookworm] - wolfssl <no-dsa> (Minor issue)
+       [bullseye] - wolfssl <postponed> (Minor issue)
        NOTE: https://github.com/wolfSSL/wolfssl/pull/9117
        NOTE: Fixed by: 
https://github.com/wolfSSL/wolfssl/commit/b1cdf0b214f0e9c0d34e29d16325cbe9a8deb87d
 (v5.8.4-stable)
 CVE-2025-11935 (With TLS 1.3 pre-shared key (PSK) a malicious or faulty server 
could i ...)
        - wolfssl <unfixed> (bug #1121200)
        [trixie] - wolfssl <no-dsa> (Minor issue)
        [bookworm] - wolfssl <no-dsa> (Minor issue)
+       [bullseye] - wolfssl <postponed> (Minor issue)
        NOTE: https://github.com/wolfSSL/wolfssl/pull/9112
        NOTE: Fixed by: 
https://github.com/wolfSSL/wolfssl/commit/cd55fe613566c6eaf358f2796692ee5f24b55c0e
 (v5.8.4-stable)
 CVE-2025-11934 (Improper input validation in the TLS 1.3 CertificateVerify 
signature a ...)
        - wolfssl <unfixed> (bug #1121199)
        [trixie] - wolfssl <no-dsa> (Minor issue)
        [bookworm] - wolfssl <no-dsa> (Minor issue)
+       [bullseye] - wolfssl <postponed> (Minor issue)
        NOTE: https://github.com/wolfSSL/wolfssl/pull/9113
        NOTE: Fixed by: 
https://github.com/wolfSSL/wolfssl/commit/2810656242f18b813c1fbea117f68ac19193381f
 (v5.8.4-stable)
 CVE-2025-11933 (Improper Input Validation in the TLS 1.3 CKS extension parsing 
in wolf ...)
        - wolfssl <unfixed> (bug #1121198)
        [trixie] - wolfssl <no-dsa> (Minor issue)
        [bookworm] - wolfssl <no-dsa> (Minor issue)
+       [bullseye] - wolfssl <postponed> (Minor issue)
        NOTE: https://github.com/wolfSSL/wolfssl/pull/9132
        NOTE: Fixed by: 
https://github.com/wolfSSL/wolfssl/commit/2885df68b4f55961548d3a292128613c18e6774b
 (v5.8.4-stable)
 CVE-2025-11932 (The server previously verified the TLS 1.3 PSK binder using a 
non-cons ...)
        - wolfssl <unfixed> (bug #1121197)
        [trixie] - wolfssl <no-dsa> (Minor issue)
        [bookworm] - wolfssl <no-dsa> (Minor issue)
+       [bullseye] - wolfssl <postponed> (Minor issue)
        NOTE: https://github.com/wolfSSL/wolfssl/pull/9223
        NOTE: Fixed by: 
https://github.com/wolfSSL/wolfssl/commit/7afcf200774987fcd349663733770d38c1d97292
 (v5.8.4-stable)
 CVE-2025-11931 (Integer Underflow Leads to Out-of-Bounds Access in 
XChaCha20-Poly1305  ...)
        - wolfssl <unfixed> (bug #1121196)
        [trixie] - wolfssl <no-dsa> (Minor issue)
        [bookworm] - wolfssl <no-dsa> (Minor issue)
+       [bullseye] - wolfssl <postponed> (Minor issue)
        NOTE: https://github.com/wolfSSL/wolfssl/pull/9223
        NOTE: Fixed by: 
https://github.com/wolfSSL/wolfssl/commit/7afcf200774987fcd349663733770d38c1d97292
 (v5.8.4-stable)
 CVE-2025-11186 (The Cookie Notice & Compliance for GDPR / CCPA plugin for 
WordPress is ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9425b18c15616cadc95c1be2bcea969a6e93fe69

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9425b18c15616cadc95c1be2bcea969a6e93fe69
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] wolfssl/bullseye

Reply via email to