Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fc89ff43 by Salvatore Bonaccorso at 2026-03-06T22:04:19+01:00
Add CVE-2026-28802/python-authlib
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -321,7 +321,11 @@ CVE-2026-28804 (pypdf is a free and open-source
pure-python PDF library. Prior t
NOTE: https://github.com/py-pdf/pypdf/pull/3666
NOTE: Fixed by:
https://github.com/py-pdf/pypdf/commit/648c627d2657447dfb1773412af05a0a5103b98f
(6.7.5)
CVE-2026-28802 (Authlib is a Python library which builds OAuth and OpenID
Connect serv ...)
- TODO: check
+ - python-authlib 1.6.7-1
+ [bookworm] - python-authlib <not-affected> (Vulnerable code not present)
+ NOTE:
https://github.com/authlib/authlib/security/advisories/GHSA-7wc2-qxgw-g8gg
+ NOTE: Introduced with:
https://github.com/authlib/authlib/commit/a61c2acb807496e67f32051b5f1b1d5ccf8f0a75
(v1.6.0)
+ NOTE: Fixed by:
https://github.com/authlib/authlib/commit/b87c32ed07b8ae7f805873e1c9cafd1016761df7
(v1.6.7)
CVE-2026-28801 (Natro Macro is an open-source Bee Swarm Simulator macro
written in Aut ...)
TODO: check
CVE-2026-28800 (Natro Macro is an open-source Bee Swarm Simulator macro
written in Aut ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc89ff4379c3e9e63dd0bdf0283627401c4bf326
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc89ff4379c3e9e63dd0bdf0283627401c4bf326
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
