[Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for libvpx issue

Tue, 17 Feb 2026 04:54:00 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bdff08c8 by Salvatore Bonaccorso at 2026-02-17T13:53:35+01:00
Add Debian bug reference for libvpx issue

- - - - -
0a8548ec by Salvatore Bonaccorso at 2026-02-17T13:53:36+01:00
Remove todo item for libvpx issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -80,7 +80,7 @@ CVE-2026-2451 (Emails sent by pretix can utilize placeholders 
that will be fille
 CVE-2026-2447 (Heap buffer overflow in libvpx. This vulnerability affects 
Firefox < 1 ...)
        - firefox 147.0.4-1 (unimportant)
        - firefox-esr <unfixed> (unimportant)
-       - libvpx <unfixed>
+       - libvpx <unfixed> (bug #1128283)
        - thunderbird <unfixed> (unimportant)
        NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-10/
        NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-11/
@@ -88,7 +88,6 @@ CVE-2026-2447 (Heap buffer overflow in libvpx. This 
vulnerability affects Firefo
        NOTE: Same issue as CVE-2026-1861/chromium
        NOTE: https://issues.oss-fuzz.com/issues/476466137
        NOTE: 
https://chromium.googlesource.com/webm/libvpx/+/d5f35ac8d93cba7f7a3f7ddb8f9dc8bd28f785e1
-       TODO: check, libvpx might need a separate CVE for src:libvpx itself
 CVE-2026-2415 (Emails sent by pretix can utilize placeholders that will be 
filled wit ...)
        NOT-FOR-US: rami.io products
 CVE-2026-2101 (A Reflected Cross-site Scripting (XSS) vulnerability affecting 
ENOVIAv ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b1d3e50ae0490e3ee1b31ce6d982779388237108...0a8548ecf8fb38a60cfc501a8169c4ee5cd0a726

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b1d3e50ae0490e3ee1b31ce6d982779388237108...0a8548ecf8fb38a60cfc501a8169c4ee5cd0a726
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to