[Git][security-tracker-team/security-tracker][master] Add CVE-2026-26960/node-tar

Fri, 20 Feb 2026 01:05:33 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
dbcd6b5c by Salvatore Bonaccorso at 2026-02-20T10:04:57+01:00
Add CVE-2026-26960/node-tar

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -121,7 +121,10 @@ CVE-2026-26964 (Windmill is an open-source developer 
platform for internal code:
 CVE-2026-26963 (Cilium is a networking, observability, and security solution 
with an e ...)
        - cilium <itp> (bug #858303)
 CVE-2026-26960 (node-tar is a full-featured Tar for Node.js. When using 
default option ...)
-       TODO: check
+       - node-tar <unfixed>
+       NOTE: 
https://github.com/isaacs/node-tar/security/advisories/GHSA-83g3-92jg-28cx
+       NOTE: Fixed by: 
https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384
 (v7.5.8)
+       NOTE: Fixed by: 
https://github.com/isaacs/node-tar/commit/d18e4e1f846f4ddddc153b0f536a19c050e7499f
 (v7.5.8)
 CVE-2026-26959 (ADB Explorer is a fluent UI for ADB on Windows. Versions 
0.9.26020 and ...)
        NOT-FOR-US: ADB Explorer
 CVE-2026-26958 (filippo.io/edwards25519 is a Go library implementing the 
edwards25519  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dbcd6b5c3f0fc539d22ca22e486f03a8f65fe5bd

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dbcd6b5c3f0fc539d22ca22e486f03a8f65fe5bd
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to