Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c24bdf19 by Salvatore Bonaccorso at 2026-02-27T09:34:57+01:00
Add CVE-2026-28364/ocaml
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -68,7 +68,10 @@ CVE-2026-28370 (In the query parser in OpenStack Vitrage
before 12.0.1, 13.0.0,
- vitrage <unfixed>
TODO: check details
CVE-2026-28364 (In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer
over-read in Mar ...)
- TODO: check
+ - ocaml <unfixed>
+ NOTE: https://osv.dev/vulnerability/OSEC-2026-01
+ NOTE: Fixed by:
https://github.com/ocaml/ocaml/commit/e3919fef436f89271bc30bbe8592851f7289fb68
(5.4.1)
+ NOTE: Fixed by:
https://github.com/ocaml/ocaml/commit/b0a2614684a52acded784ec213f14ddfe085d146
(4.13.3)
CVE-2026-28363 (In OpenClaw before 2026.2.23, tools.exec.safeBins validation
for sort ...)
NOT-FOR-US: OpenClaw
CVE-2026-28280 (osctrl is an osquery management solution. Prior to version
0.5.0, a st ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c24bdf19291403027baffd0fb0eb2c64ff6db3e4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c24bdf19291403027baffd0fb0eb2c64ff6db3e4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
