Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 8d2fc034 by Moritz Muehlenhoff at 2026-02-09T20:40:32+01:00 new shiro issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,13 @@ +CVE-2026-23903 [shiro: Auth bypass when accessing static files only on case-insensitive filesystems] + - shiro <unfixed> + [trixie] - shiro <no-dsa> (Minor issue) + [bookworm] - shiro <no-dsa> (Minor issue) + NOTE: https://www.openwall.com/lists/oss-security/2026/02/08/1 +CVE-2026-23901 [shiro: Brute force attack possible to determine valid user names] + - shiro <unfixed> + [trixie] - shiro <no-dsa> (Minor issue) + [bookworm] - shiro <no-dsa> (Minor issue) + NOTE: https://www.openwall.com/lists/oss-security/2026/02/08/2 CVE-2026-23948 - freerdp3 3.22.0+dfsg-1 [trixie] - freerdp3 <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d2fc0349554ae2b50f1d59d25d428d4945fe1ee -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d2fc0349554ae2b50f1d59d25d428d4945fe1ee You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
