Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d83bb726 by Salvatore Bonaccorso at 2026-02-16T17:03:16+01:00
Document followup for CVE-2026-2239
This is not covered strictly by the CVE, but the same poc provided
upstream uncovered another issue producing a crash in the psd plugin. So
document the required followup under the same CVE.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2910,6 +2910,8 @@ CVE-2026-2239 [PSD loader: heap-buffer-overflow in
fread_pascal_string() (no nul
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15812
NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/8cf2772f5631719ae0e4e701bd7ef793b1f59cfa
(master)
NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/51a2d65a2df403f6da582173e0ddd7904356f5ae
(gimp-3-0 branch)
+ NOTE: Followup (not strictly part of the CVE, but a second problem
exposed):
+ NOTE:
https://gitlab.gnome.org/GNOME/gimp/-/commit/02886e626df5e4c5f73f838a64fd3f21809dda09
CVE-2026-1609
- keycloak <itp> (bug #1088287)
CVE-2025-11537 (A flaw was found in Keycloak. When the logging format is
configured to ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d83bb726a690e2b3aadd980121a49f9f145204e1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d83bb726a690e2b3aadd980121a49f9f145204e1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
