Source: musl Version: 1.2.5-1.1 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Control: found -1 1.2.3-1 Control: found -1 1.2.2-1
Hi, The following vulnerability was published for musl. CVE-2025-26519[0]: | musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds | write vulnerability when an attacker can trigger iconv conversion of | untrusted EUC-KR text to UTF-8. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2025-26519 https://www.cve.org/CVERecord?id=CVE-2025-26519 [1] https://www.openwall.com/lists/oss-security/2025/02/13/2 [2] https://git.musl-libc.org/cgit/musl/commit/?id=e5adcd97b5196e29991b524237381a0202a60659 [3] https://git.musl-libc.org/cgit/musl/commit/?id=c47ad25ea3b484e10326f933e927c0bc8cded3da Regards, Salvatore
