[kea-announce] Pre-announcement of Kea security issues scheduled for disclosure 28 May 2025

[Suzanne Goldlust]

As part of our policy of pre-notification of upcoming security releases, we are writing to inform you that the May 2025 Kea maintenance releases that will be published on Wednesday, 28 May, will contain patches for security vulnerabilities affecting stable Kea release branches.

Further details about those vulnerabilities will be publicly disclosed at the time the releases are published. It is our hope that this pre-announcement will aid Kea administrators in preparing for that disclosure when it occurs. If you have feedback or questions concerning this policy, please open a confidential GitLab issue at https://gitlab.isc.org/isc-projects/kea/-/issues/new?issue[confidential]=true (preferred) or send an email to kea-security at isc.org.