[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

curl CVE-2025-4947, CVE-2025-5025 probably fixed in trixie/sid



Hi,
While merging updated versions of curl into a Debian derivative I noticed
that curl in trixie/sid is listed as vulnerable to CVE-2025-4947 and
CVE-2025-5025, but according to the notes those CVEs are fixed in
curl-8_14_0, therefore 8.14.1-1 in trixie/sid is probably not vulnerable
(even if the relevant features are enabled, which I haven't checked).

    smcv


Reply to: