proj: Below
subj: [vs] encrypted subject
trep: Fri Mar 07 11:22:23 2025
cves: CVE-2025-27591
tcrd: 2025-03-12
lpub: https://github.com/facebookincubator/below/commit/10e73a21d67baa2cd613ee92ce999cda145e1a83
tpub: Mon Feb 24 16:00:00 2025
toss: Wed Mar 12 11:25:45 2025
soss: [oss-security] Below: World Writable Directory in /var/log/below Allows Local Privilege Escalation (CVE-2025-27591)
loss: https://www.openwall.com/lists/oss-security/2025/03/12/1

proj: Linux
subj: [vs-plain] CVE-2024-57882 fix does not prevent all memory corruption
trep: Wed Mar 12 12:50:52 2025
tcrd: March 21st, 10:00 (GMT+1) \\ Please wait for the patch to be in stable \\ next Wednesday, April 2
lpub: https://lore.kernel.org/all/20250314-net-mptcp-fix-data-stream-corr-sockopt-v1-1-122dbb249db3@kernel.org/
tpub: Fri Mar 14 20:12:03 2025
toss: Tue Apr 01 16:39:52 2025
soss: [oss-security] Linux kernel: CVE-2024-57882 fix did not prevent data stream corruption in the MPTCP protocol
loss: https://www.openwall.com/lists/oss-security/2025/04/01/3

proj: Exim
subj: [vs] ...
trep: Wed Mar 19 13:39:14 2025
cves: CVE-2025-30232
tcrd: Wednesday, Mar 26th, 2025, at 14:00 UTC
toss: Wed Mar 26 14:58:04 2025
soss: [oss-security] CVE-2025-30232: UAF in Exim 4.96 to 4.98.1
loss: https://www.openwall.com/lists/oss-security/2025/03/26/1

proj: OpenVPN
subj: [vs] ...
trep: Wed Mar 26 23:08:56 2025
cves: CVE-2025-2704
tcrd: 2025-04-02 (April 2, 2025)
toss: Wed Apr 02 22:51:06 2025
soss: [oss-security] CVE-2025-2704 - OpenVPN 2.6.1 through 2.6.13 with possible DoS
loss: https://www.openwall.com/lists/oss-security/2025/04/02/5

proj: giflib
subj: [vs]The giflib open-source component has a buffer overflow vulnerability.
trep: Fri Mar 28 10:05:11 2025
cves: CVE-2025-31344
tcrd: 2025.4.7
toss: Mon Apr 07 14:34:38 2025
soss: [oss-security] CVE-2025-31344: giflib: The giflib open-source component has a buffer overflow vulnerability.
loss: https://www.openwall.com/lists/oss-security/2025/04/07/3

proj: PowerDNS
subj: [vs] EMBARGO: PowerDNS Security Advisory 2025-01 (CVE-2025-30195): A crafted zone can lead to an illegal memory access in the Recursor
trep: Mon Mar 31 13:21:07 2025
cves: CVE-2025-30195
tcrd: 7th of April 2025 (around 12:00 UTC)
toss: Mon Apr 07 14:01:07 2025
soss: [oss-security] PowerDNS Recursor Security Advisory 2025-01 regarding PowerDNS Recusor 5.2.0
loss: https://www.openwall.com/lists/oss-security/2025/04/07/1

proj: xz
subj: [vs-plain] ...
trep: Mon Mar 31 17:42:17 2025
cves: CVE-2025-31115
tcrd: 2025-04-03 (Thursday) at 15:00 UTC
toss: Thu Apr 03 16:29:26 2025
soss: [oss-security] XZ Utils: Threaded decoder frees memory too early (CVE-2025-31115)
loss: https://www.openwall.com/lists/oss-security/2025/04/03/1