erlang (1:28.0.4+dfsg-1)
[PTS] [DDPO]
OLD: VCS is behind the version in the archive: 1:27.3.4.3+dfsg-1 < 1:28.0.4+dfsg-1.
- Git: https://salsa.debian.org/erlang-team/packages/erlang.git
-
- Branch: master
- Path: debian/changelog
- Repo size: 14168064
- Browser: https://salsa.debian.org/erlang-team/packages/erlang
- Last scan: 2025-10-20 09:28:07+00
- Next scan: 2025-10-28 12:51:00+00
- Merge requests: 3
- Debian changelog in Git:
erlang (1:27.3.4.3+dfsg-1) unstable; urgency=medium
* New upstream release.
* Fix CVE-2025-48038: allocation of resources without limits or throttling
vulnerability in the ssh_sftp module allows excessive allocation,
resource leak exposure (closes: #1115093).
* Fix CVE-2025-48039: allocation of resources without limits or throttling
vulnerability in the ssh_sftp module allows excessive allocation,
resource leak exposure (closes: #1115092).
* Fix CVE-2025-48040: uncontrolled resource consumption vulnerability in
the ssh_sftp module allows excessive allocation, flooding (closes: 1115091).
* Fix CVE-2025-48041: allocation of resources without limits or throttling
vulnerability in the ssh_sftp module allows excessive allocation,
flooding (closes: #1115090).
* Fix CVE-2016-1000107: inets does not protect applications from the presence
of untrusted client data in the HTTP_PROXY environment variable
(closes: #1115086).
-- Sergei Golovan <sgolovan@debian.org> Mon, 15 Sep 2025 18:42:37 +0300
- This branch is even with tag debian/1%27.3.4.3+dfsg-1