Pop-Up Thingie
Sidebar
>>> Magnum BBS <<<
Home
Forum
Files
Dark
Log in
Username
Password
Sidebar
Forum
Usenet
LINUX.DEBIAN.BUGS.DIST
Bug#1105919: node-undici: CVE-2025-23167
From
Salvatore Bonaccorso
@21:1/5 to
All
on Sat May 17 12:00:01 2025
Source: node-undici
Version: 7.3.0+dfsg1+~cs24.12.11-1
Severity: important
Tags: security upstream
X-Debbugs-Cc:
carnil@debian.org
, Debian Security Team <
team@security.debian.org
>
Hi,
The following vulnerability was published for node-undici.
CVE-2025-23167[0]:
| Improper HTTP header block termination in llhttp
This is an issue from the latest node.js advisory affecting llhttp,
can you double check how it affects node-undici's embedded copy?
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0]
https://security-tracker.debian.org/tracker/CVE-2025-23167
https://www.cve.org/CVERecord?id=CVE-2025-23167
[1]
https://nodejs.org/en/blog/vulnerability/may-2025-security-releases#improper-http-header-block-termination-in-llhttp-cve-2025-23167---medium
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)
Who's Online
Recent Visitors
Logan
Sun Jun 8 15:24:00 2025
from
Adelaide
via
Telnet
Plume
Sun Jun 8 14:13:27 2025
from
Uk
via
SSH
Bob Worm
Sun Jun 8 13:48:17 2025
from
Wales, Uk
via
Telnet
Jack
Sun Jun 8 06:41:19 2025
from
Mississipi
via
Telnet
Centurion
Sun Jun 8 00:08:04 2025
from
Berea, Ohio
via
Telnet
Centurion
Sat Jun 7 21:52:22 2025
from
Berea, Ohio
via
Telnet
Tnmoc
Sat Jun 7 13:44:20 2025
from
Milton Keynes
via
Telnet
Tnmoc
Sat Jun 7 13:40:01 2025
from
Milton Keynes
via
Telnet
System Info
Sysop:
Keyop
Location:
Huddersfield, West Yorkshire, UK
Users:
488
Nodes:
16 (
2
/
14
)
Uptime:
04:28:00
Calls:
9,663
Calls today:
5
Files:
13,709
Messages:
6,166,774
Posted today:
2