Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <36f5d22a-8717-4be3-94b3-c658e4615fb1@isc.org>
Date: Wed, 29 Oct 2025 18:45:10 +0100
From: Wlodek Wencel <wlodek@....org>
To: oss-security@...ts.openwall.com
Cc: security-officer@....org
Subject: ISC has disclosed one vulnerability in Kea (CVE-2025-11232)

On 29 October 2025 we (Internet Systems Consortium) disclosed one 
vulnerability affecting our Kea software:

- CVE-2025-11232:       Invalid characters cause assert 
https://kb.isc.org/docs/cve-2025-11232

New versions of Kea 3.0.2 and 3.1.3 are available from 
https://www.isc.org/downloads

With the public announcement of these vulnerabilities, the embargo 
period is ended and any updated software packages that have been 
prepared may be released.


Włodek Wencel


Download attachment "OpenPGP_0x2F58CA1ABCCB2572.asc" of type "application/pgp-keys" (629 bytes)

Download attachment "OpenPGP_signature.asc" of type "application/pgp-signature" (237 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.