Bug#1112459: bookworm-pu: package nginx/1.22.1-9+deb12u3 (fix CVE-2025-53859)

To: Jan Mojzis <janmojzis@debian.org>, 1112459@bugs.debian.org
Subject: Bug#1112459: bookworm-pu: package nginx/1.22.1-9+deb12u3 (fix CVE-2025-53859)
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 30 Aug 2025 18:33:19 +0100
Message-id: <[🔎] 0f8f3f8cc3e319350ff15b093ffc5d170dcdc557.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1112459@bugs.debian.org
In-reply-to: <[🔎] 175648324019.94349.6365495139765894479.reportbug@dev.h.mojzis.com>
References: <[🔎] 175648324019.94349.6365495139765894479.reportbug@dev.h.mojzis.com> <[🔎] 175648324019.94349.6365495139765894479.reportbug@dev.h.mojzis.com>

Control: tags -1 + confirmed

On Fri, 2025-08-29 at 18:00 +0200, Jan Mojzis wrote:
> A security issue was identified in ngx_mail_smtp_module,
> which might allow an attacker to cause buffer over-read,
> potentially resulting in sensitive information leak
> in a HTTP request to the authentication server (CVE-2025-53859).

Please go ahead.

Regards,

Adam

Reply to:

References:
- Bug#1112459: bookworm-pu: package nginx/1.22.1-9+deb12u3 (fix CVE-2025-53859)
  - From: Jan Mojzis <janmojzis@debian.org>

Prev by Date: Processed: Re: Bug#1112340: bookworm-pu: package node-nodeunit/0.11.3+ds-5~deb12u1
Next by Date: Processed: Re: Bug#1112347: bookworm-pu: package node-addon-api/5.0.0-6+deb12u1
Previous by thread: Processed: bookworm-pu: package nginx/1.22.1-9+deb12u3 (fix CVE-2025-53859)
Next by thread: Processed: Re: Bug#1112459: bookworm-pu: package nginx/1.22.1-9+deb12u3 (fix CVE-2025-53859)
Index(es):
- Date
- Thread