Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a31ba7ce by Salvatore Bonaccorso at 2026-02-25T12:09:14+01:00
Add CVE-2026-27606/node-rollup
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -114,7 +114,11 @@ CVE-2026-27608 (Parse Dashboard is a standalone dashboard
for managing Parse Ser
CVE-2026-27607 (RustFS is a distributed object storage system built in Rust.
In versio ...)
NOT-FOR-US: RustFS
CVE-2026-27606 (Rollup is a module bundler for JavaScript. Versions prior to
2.80.0, 3 ...)
- TODO: check
+ - node-rollup <unfixed>
+ NOTE:
https://github.com/rollup/rollup/security/advisories/GHSA-mw96-cpmx-2vgc
+ NOTE: Fixed by:
https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2
(v4.59.0)
+ NOTE: Fixed by:
https://github.com/rollup/rollup/commit/c8cf1f9c48c516285758c1e11f08a54f304fd44e
(v3.30.0)
+ NOTE: Fixed by:
https://github.com/rollup/rollup/commit/d6dee5e99bb82aac0bee1df4ab9efbde455452c3
(v2.28.0)
CVE-2026-27598 (Dagu is a workflow engine with a built-in Web user interface.
In versi ...)
NOT-FOR-US: Dagu
CVE-2026-27597 (Enclave is a secure JavaScript sandbox designed for safe AI
agent code ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a31ba7ce8d9cd596524143cbb16dd3995c90c187
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a31ba7ce8d9cd596524143cbb16dd3995c90c187
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
