Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a4599c1f by Salvatore Bonaccorso at 2026-03-10T08:20:18+01:00
Add CVE-2026-30838/php-league-commonmark
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -469,7 +469,10 @@ CVE-2026-30850 (Parse Server is an open source backend
that can be deployed to a
CVE-2026-30848 (Parse Server is an open source backend that can be deployed to
any inf ...)
NOT-FOR-US: Parse Server
CVE-2026-30838 (league/commonmark is a PHP Markdown parser. Prior to version
2.8.1, th ...)
- TODO: check
+ - php-league-commonmark 2.8.1-1
+ NOTE:
https://github.com/thephpleague/commonmark/security/advisories/GHSA-4v6x-c7xx-hw9f
+ NOTE: Regression test:
https://github.com/thephpleague/commonmark/commit/f6e74434dd1a91f195f80cb0184b746a4187272a
(2.8.1)
+ NOTE: Fixed by:
https://github.com/thephpleague/commonmark/commit/5c0c4c8fe5a31e8260be99e0afad7136a27c79e6
(2.8.1)
CVE-2026-30834 (PinchTab is a standalone HTTP server that gives AI agents
direct contr ...)
NOT-FOR-US: PinchTab
CVE-2026-30832 (Soft Serve is a self-hostable Git server for the command line.
From ve ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4599c1f09a55b5c8afc0884735b52301f6c2b65
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4599c1f09a55b5c8afc0884735b52301f6c2b65
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
