[Git][security-tracker-team/security-tracker][master] Add new expat issues

Mon, 16 Mar 2026 14:36:08 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5baa32ac by Salvatore Bonaccorso at 2026-03-16T22:35:32+01:00
Add new expat issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -368,11 +368,20 @@ CVE-2026-4172 (A vulnerability was detected in TRENDnet 
TEW-632BRP 1.010B32. Thi
 CVE-2026-4171 (A security vulnerability has been detected in CodeGenieApp 
serverless- ...)
        NOT-FOR-US: CodeGenieApp serverless-express
 CVE-2026-32778 (libexpat before 2.7.5 allows a NULL pointer dereference in the 
functio ...)
-       TODO: check
+       - expat <unfixed>
+       NOTE: https://github.com/libexpat/libexpat/pull/1163
+       NOTE: Fixed by: 
https://github.com/libexpat/libexpat/commit/576b61e42feeea704253cb7c7bedb2eeb3754387
+       NOTE: Test: 
https://github.com/libexpat/libexpat/commit/d5fa769b7a7290a7e2c4a0b2287106dec9b3c030
 CVE-2026-32777 (libexpat before 2.7.5 allows an infinite loop while parsing 
DTD conten ...)
-       TODO: check
+       - expat <unfixed>
+       NOTE: https://github.com/libexpat/libexpat/issues/1161
+       NOTE: https://github.com/libexpat/libexpat/pull/1162
+       NOTE: Fixed by: 
https://github.com/libexpat/libexpat/commit/55cda8c7125986e17d7e1825cba413bd94a35d02
+       NOTE: Test: 
https://github.com/libexpat/libexpat/commit/a7805c1a8a48d2ce83ef289cf55bdc8b45de76a8
 CVE-2026-32776 (libexpat before 2.7.5 allows a NULL pointer dereference with 
empty ext ...)
-       TODO: check
+       - expat <unfixed>
+       NOTE: https://github.com/libexpat/libexpat/pull/1158
+       NOTE: Fixed by: 
https://github.com/libexpat/libexpat/commit/5be25657583ea91b09025c858b4785834c20f59c
 CVE-2026-32775 (libexif through 0.6.25 has a flaw in decoding MakerNotes. If 
the exif_ ...)
        TODO: check
 CVE-2026-31386 (OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed 
Technologies c ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5baa32ac3507569f43ffd08aacbcbaeccd25547c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5baa32ac3507569f43ffd08aacbcbaeccd25547c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to