[ubuntu/questing-security] iperf3 3.18-2ubuntu0.1 (Accepted)
Shishir Subedi
shishirsub10 at gmail.com
Wed Jan 21 06:53:49 UTC 2026
iperf3 (3.18-2ubuntu0.1) questing-security; urgency=medium
* SECURITY UPDATE: Heap based buffer overflow
- debian/patches/CVE-2025-54349.patch: fix off-by-one heap overflow
in src/iperf_auth.c by allocating additional byte for null terminator
- CVE-2025-54349
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2025-54350.patch: remove assertion that could
cause crashes on malformed authentication attempts
- CVE-2025-54350
* debian/patches/fix-auth-tests.patch: fix FTBFS by resolving issue with
openssl 3.5.3 encrypt
Date: 2026-01-20 12:01:11.676294+00:00
Changed-By: Shishir Subedi <shishirsub10 at gmail.com>
https://launchpad.net/ubuntu/+source/iperf3/3.18-2ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list