[Git][security-tracker-team/security-tracker][master] Add new python-authlib issues

Mon, 16 Mar 2026 14:57:55 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a5931d81 by Salvatore Bonaccorso at 2026-03-16T22:57:20+01:00
Add new python-authlib issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -147,13 +147,19 @@ CVE-2026-29513 (Hereta ETH-IMC408M firmware version 
1.0.15 and prior contain a s
 CVE-2026-29510 (Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a 
stored  ...)
        NOT-FOR-US: Hereta
 CVE-2026-28498 (Authlib is a Python library which builds OAuth and OpenID 
Connect serv ...)
-       TODO: check
+       - python-authlib 1.6.9-1
+       NOTE: 
https://github.com/authlib/authlib/security/advisories/GHSA-m344-f55w-2m6j
+       NOTE: Fixed by: 
https://github.com/authlib/authlib/commit/b9bb2b25bf8b7e01512d847a95c1749646eaa72b
 (v1.6.9)
 CVE-2026-28490 (Authlib is a Python library which builds OAuth and OpenID 
Connect serv ...)
-       TODO: check
+       - python-authlib 1.6.9-1
+       NOTE: 
https://github.com/authlib/authlib/security/advisories/GHSA-7432-952r-cw78
+       NOTE: Fixed by: 
https://github.com/authlib/authlib/commit/48b345f29f6c459f11c6a40162b6c0b742ef2e22
 (v1.6.9)
 CVE-2026-28430 (Chamilo LMS is a learning management system. Prior to version 
1.11.34, ...)
        NOT-FOR-US: Chamilo LMS
 CVE-2026-27962 (Authlib is a Python library which builds OAuth and OpenID 
Connect serv ...)
-       TODO: check
+       - python-authlib 1.6.9-1
+       NOTE: 
https://github.com/authlib/authlib/security/advisories/GHSA-wvwj-cvrp-7pv5
+       NOTE: Fixed by: 
https://github.com/authlib/authlib/commit/a5d4b2d4c9e46bfa11c82f85fdc2bcc0b50ae681
 (v1.6.9)
 CVE-2026-26304 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2 fail to 
verify  ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2026-26246 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 
10.11.x <= 10. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5931d81ab8daa9f9c1fb2ecb5622e17bdfeebda

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5931d81ab8daa9f9c1fb2ecb5622e17bdfeebda
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to