request #46378 Wasmtime: 36.0.2 -> 36.0.4

Infos

Artifact ID#46378

Submitted byThomas Gerbet (tgerbet)

Last Modified On2026-01-15 14:34

Submitted on2026-01-15 07:48

Rank48103

Details

Summary *

Wasmtime: 36.0.2 -> 36.0.4

Original Submission

CVE-2025-64345 does not Tuleap usage. The compilation DoS fixed in 36.0.4 also does not impact Tuleap, a module crafted to trigger it will end up being disabled by Tuleap.

Changes:
https://github.com/bytecodealliance/wasmtime/releases/tag/v36.0.3
https://github.com/bytecodealliance/wasmtime/releases/tag/v36.0.4

CategoryTuleap Functions

Reported in versionAll

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toThomas Gerbet (tgerbet)

StatusClosed

Close date2026-01-15

Attachments

AttachmentsEmpty

References

Cross references

Referencing request #46378

Git commit

tuleap/tuleap/stable

chore: request #46378 Wasmtime: 36.0.2 -> 36.0.4 36a6cf7252

Thomas Gerbet (tgerbet) , 2026-01-15 08:06

Merge commit 'refs/changes/47/36647/1' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD 6357414e1c

Kevin Traini (ktraini) , 2026-01-15 14:33

Show items referenced by request #46378

Referenced by request #46378

Artifact

rel #46324 17.3

Git commit

tuleap/tuleap/stable

chore: request #46378 Wasmtime: 36.0.2 -> 36.0.4 36a6cf7252

Thomas Gerbet (tgerbet) , 2026-01-15 08:06

Other

gerrit #36647

Follow-ups

Kevin Traini (ktraini)

2026-01-15 14:34

Connected artifacts
- Added Fixed in: rel #46324

Tracker Workflow Manager (forge__tracker_workflow_manager)

2026-01-15 14:33

Closed by @tgerbet with git #tuleap/stable/36a6cf7252a12b913027aa0505a1538d56b0fc6e.

Status changed from Under review to Closed
Close date set to 2026-01-15

Thomas Gerbet (tgerbet)

2026-01-15 08:10

See gerrit #36647.

Status changed from Under implementation to Under review

Public

Referencing request #46378

Git commit

tuleap/tuleap/stable

Referenced by request #46378

Artifact

Git commit

tuleap/tuleap/stable

Other

Follow-ups