blob: 225f01deb92936abb2ab7f004a6856f6b2a47b93 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
[release.sagitta]
latest = "1.4.2"
security_advisory = [
{cve="CVE-2025-30095", title="Private key reuse in Dropbear SSH server", description="A Dropbear private key was included in the image at build time and not regenerated, making console server SSH connections vulnerable to MitM attacks..", status="fixed"},
{cve="CVE-2023-32728", title="Code injection in zabbix_agent2 smartctl plugin", description="Certain configurations of Zabbix agent were vulnerable to remote code execution. This issue was previously fixed by a hotfix and is now included in the image.", status="Fixed"},
{cve="CVE-2024-3596", title="Blast-RADIUS", description="The Blast-RADIUS vulnerability is present in 1.4.2 and will be fixed in subsequent releases. Make sure your routers are not communicating with RADIUS servers over untrusted networks.", status="Present"}
]
notes = "Maintenance and security release"
[release.equuleus]
latest = "1.3.8"
security_advisory = []
notes = "Unsupported — VyOS 1.3 has reached end of life in April 2025."
|
