[[mailing-lists:distros:stats:2025]]
 
Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

mailing-lists:distros:stats:2025 [2025/09/24 03:10]
solar add 2025-08 		mailing-lists:distros:stats:2025 [2025/11/07 02:19] (current)
solar add final 2025-10
Line 14: Line 14:
 | 2025-07 | 4 | 4 | 8.68 | 9.15 | 1.48 | 14.94 | | 2025-07 | 4 | 4 | 8.68 | 9.15 | 1.48 | 14.94 |
 | 2025-08 | 4 | 4 | 5.64 | 4.42 | 1.06 | 12.65 | | 2025-08 | 4 | 4 | 5.64 | 4.42 | 1.06 | 12.65 |
-Total 48 48 7.04 | 6.94 | 0.63 | 20.16 |+2025-09 ​11 11 5.04 | 4.78 | 1.00 | 13.89 | 
 +| 2025-10 | 8 | 8 | 7.36 | 6.94 | 1.00 | 15.48 | 
 +| Total | 67 | 67 | 6.75 | 6.82 | 0.63 | 20.16 |
  
 Non-embargoed reports (issue already posted to oss-security before being brought to (linux-)distros,​ which in 2025 didn't occur yet) are (will be) excluded from the calculation of average, median, and minimum embargo duration above. Non-embargoed reports (issue already posted to oss-security before being brought to (linux-)distros,​ which in 2025 didn't occur yet) are (will be) excluded from the calculation of average, median, and minimum embargo duration above.
Line 73: Line 75:
 | UDisks | [vs-plain] CVE-2025-8067 - UDisks \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​08/​28/​1|[oss-security] CVE-2025-8067 - UDisks]] | Fri Aug 15 23:41:06 2025 \\ Thu Aug 28 15:21:31 2025 | 12.65 | Aug 28th | CVE-2025-8067 | | UDisks | [vs-plain] CVE-2025-8067 - UDisks \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​08/​28/​1|[oss-security] CVE-2025-8067 - UDisks]] | Fri Aug 15 23:41:06 2025 \\ Thu Aug 28 15:21:31 2025 | 12.65 | Aug 28th | CVE-2025-8067 |
 | Kea | [vs] ... \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​08/​27/​1|[oss-security] ISC has disclosed one vulnerability in Kea (CVE-2025-40779)]] | Tue Aug 26 18:02:17 2025 \\ Wed Aug 27 19:34:17 2025 | 1.06 | 27 August 2025 | CVE-2025-40779 | | Kea | [vs] ... \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​08/​27/​1|[oss-security] ISC has disclosed one vulnerability in Kea (CVE-2025-40779)]] | Tue Aug 26 18:02:17 2025 \\ Wed Aug 27 19:34:17 2025 | 1.06 | 27 August 2025 | CVE-2025-40779 |
 +| CUPS | [vs-plain] EMBARGOED CVE-2025-58060 Authentication bypass with AuthType Negotiate \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​09/​11/​1|[oss-security] CVE-2025-58060 cups: Authentication bypass with AuthType Negotiate]] | Tue Sep 02 11:01:32 2025 \\ Thu Sep 11 15:30:07 2025 | 9.19 | September 11th 13:00 UTC | CVE-2025-58060 |
 +| CUPS | [vs-plain] EMBARGOED CVE-2025-58364 cups: Remote DoS via null dereference \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​09/​11/​2|[oss-security] CVE-2025-58364 cups: Remote DoS via null dereference]] | Thu Sep 04 06:14:22 2025 \\ Thu Sep 11 15:30:12 2025 | 7.39 | September 11th 13:00 UTC | CVE-2025-58364 |
 +| curl | [vs-plain] : pre-notification curl CVE-2025-9086 \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​09/​10/​1|[oss-security] [SECURITY ADVISORY] curl: CVE-2025-9086:​ Out of bounds read for cookie path]] | Fri Sep 05 11:10:12 2025 \\ Wed Sep 10 05:53:25 2025 | 4.78 | September 10 | CVE-2025-9086 |
 +| Perl CPAN JSON::XS | [vs-plain] : CVE-2025-40928:​ JSON::XS version 4.03 and earlier for Perl \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​09/​08/​2|[oss-security] CVE-2025-40928:​ JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified]] | Sat Sep 06 18:25:13 2025 \\ Mon Sep 08 17:46:31 2025 | 1.97 | this weekend \\ 16:00 UTC today | CVE-2025-40928 |
 +| Perl CPAN Cpanel::​JSON::​XS | [vs-plain] : CVE-2025-40929:​ Cpanel::​JSON::​XS version 4.39 and earlier for Perl \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​09/​08/​1|[oss-security] CVE-2025-40929:​ Cpanel::​JSON::​XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact]] | Sat Sep 06 18:26:02 2025 \\ Mon Sep 08 17:46:30 2025 | 1.97 | this weekend \\ 16:00 UTC today | CVE-2025-40929 |
 +| Perl CPAN JSON::SIMD | [vs-plain] : CVE-2025-40930:​ JSON::SIMD version 1.06 and earlier for Perl \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​09/​08/​3|[oss-security] CVE-2025-40930:​ JSON::SIMD before version 1.07 and earlier for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact]] | Sat Sep 06 18:26:23 2025 \\ Mon Sep 08 17:46:57 2025 | 1.97 | this weekend \\ 16:00 UTC today | CVE-2025-40930 |
 +| curl | [vs-plain] : pre-notification curl CVE-2025-10148 \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​09/​10/​2|[oss-security] [SECURITY ADVISORY] curl: CVE-2025-10148:​ predictable WebSocket mask]] | Tue Sep 09 05:49:00 2025 \\ Wed Sep 10 05:54:41 2025 | 1.00 | tomorrow \\ September 10 2025 around 06:00 UTC | CVE-2025-10148 |
 +| Stork | [vs] One Stork vulnerability will be announced on 10 September 2025 \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​09/​10/​5|[oss-security] ISC has disclosed one vulnerability in Stork (CVE-2025-8696)]] | Tue Sep 09 17:00:28 2025 \\ Wed Sep 10 19:08:02 2025 | 1.09 | 10 September 2025 | CVE-2025-8696 |
 +| OpenSSL | [vs-plain] Embargoed OpenSSL security issue \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​09/​30/​5|[oss-security] OpenSSL Security Advisory]] | Tue Sep 16 16:32:28 2025 \\ Tue Sep 30 13:49:20 2025 | 13.89 | 30th September 2025 | CVE-2025-9230 \\ CVE-2025-9231 \\ CVE-2025-9232 |
 +| open-vm-tools | [vs] [EMBARGOED] CVE-2025-41244 - open-vm-tools \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​09/​29/​10|[oss-security] [Security Advisory] open-vm-tools:​ Local privilege escalation (CVE-2025-41244)]] | Tue Sep 23 07:27:43 2025 \\ Mon Sep 29 16:24:26 2025 | 6.37 | Sep 29th, 2025 | CVE-2025-41244 \\ VMSA-2025-0015 |
 +| FreeIPA | [vs-plain] CVE-2025-7493 - Privilege escalation from host to domain admin in FreeIPA \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​09/​30/​6|[oss-security] FreeIPA - CVE-2025-7493 - Privilege Escalation from host to domain admin]] | Wed Sep 24 19:00:18 2025 \\ Tue Sep 30 15:50:21 2025 | 5.87 | September 30th | CVE-2025-7493 |
 +| X.Org X server and Xwayland | [vs-plain] Preview of X.Org Security Advisory for 2025-10-28 \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​10/​28/​7|[oss-security] Fwd: X.Org Security Advisory: multiple security issues X.Org X server and Xwayland]] | Mon Oct 13 07:46:59 2025 \\ Tue Oct 28 19:24:11 2025 | 15.48 | October 28, 2025 at 13:00 UTC | CVE-2025-62229 \\ CVE-2025-62230 \\ CVE-2025-62231 \\ ZDI-CAN-27238 \\ ZDI-CAN-27545 \\ ZDI-CAN-27560 |
 +| BIND 9 | [vs] ... \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​10/​22/​1|[oss-security] ISC has disclosed three vulnerabilities in BIND 9 (CVE-2025-8677,​ CVE-2025-40778,​ CVE-2025-40780)]] | Tue Oct 21 10:16:48 2025 \\ Wed Oct 22 15:54:47 2025 | 1.23 | 22 October 2025 | CVE-2025-8677 \\ CVE-2025-40778 \\ CVE-2025-40780 |
 +| runc | [vs] ... \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​11/​05/​3|[oss-security] runc container breakouts via procfs writes: CVE-2025-31133,​ CVE-2025-52565,​ and CVE-2025-52881]] | Wed Oct 22 12:16:52 2025 \\ Wed Nov 05 09:53:38 2025 | 13.90 | 2025-11-05 09:00 UTC | CVE-2025-31133 \\ CVE-2025-52565 \\ CVE-2025-52881 |
 +| OpenSMTPD | [vs] encrypted subject \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​10/​31/​3|[oss-security] OpenSMTPD: Trivial Local Denial-of-Service via UNIX Domain Socket (CVE-2025-62875)]] | Thu Oct 23 09:35:42 2025 \\ Fri Oct 31 17:22:01 2025 | 8.32 | 2025-10-31 | CVE-2025-62875 |
 +| OpenStack Keystone | [vs] Vulnerability in OpenStack Keystone (CVE pending) \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​11/​04/​2|[oss-security] [OSSA-2025-002] OpenStack Keystone: Unauthenticated access to EC2/S3 token endpoints can grant Keystone authorization (CVE PENDING)]] | Tue Oct 28 16:03:06 2025 \\ Tue Nov 04 15:01:25 2025 | 6.96 | Tuesday, 2025-11-04, 1500UTC |  |
 +| Kea | [vs] One Kea vulnerability will be announced on 29 October 2025 \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​10/​29/​5|[oss-security] ISC has disclosed one vulnerability in Kea (CVE-2025-11232)]] | Tue Oct 28 18:00:50 2025 \\ Wed Oct 29 17:55:19 2025 | 1.00 | 29 October 2025 | CVE-2025-11232 |
 +| curl | [vs-plain] : pre-notification curl CVE-2025-10966 \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​11/​05/​2|[oss-security] [SECURITY ADVISORY] curl: missing SFTP host verification with wolfSSH]] | Wed Oct 29 08:55:34 2025 \\ Wed Nov 05 07:14:23 2025 | 6.93 | November 5 2025 around 07:00 UTC | CVE-2025-10966 |
 +| wcurl | [vs-plain] : pre-notification wcurl CVE-2025-11563 \\ [[https://​www.openwall.com/​lists/​oss-security/​2025/​11/​04/​1|[oss-security] [SECURITY ADVISORY] wcurl path traversal with percent-encoded slashes]] | Thu Oct 30 07:19:58 2025 \\ Tue Nov 04 08:42:13 2025 | 5.06 | November 4 | CVE-2025-11563 |
  
 ===== Source input data ===== ===== Source input data =====
Line 86: Line 107:
   * {{stats-202507.txt}}   * {{stats-202507.txt}}
   * {{stats-202508.txt}}   * {{stats-202508.txt}}
 +  * {{stats-202509.txt}}
 +  * {{stats-202510.txt}}
mailing-lists/distros/stats/2025.1758676203.txt · Last modified: 2025/09/24 03:10 by solar
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate to DokuWiki Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Powered by OpenVZ Powered by Openwall GNU/*/Linux