Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f384bce1 by Salvatore Bonaccorso at 2026-04-01T18:26:28+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -370,29 +370,29 @@ CVE-2026-34243 (wenxian is a tool to generate BIBTEX
files from given identifier
CVE-2026-34240 (JOSE is a Javascript Object Signing and Encryption (JOSE)
library. Pri ...)
TODO: check
CVE-2026-34237 (MCP Java SDK is the official Java SDK for Model Context
Protocol serve ...)
- TODO: check
+ NOT-FOR-US: MCP Java SDK
CVE-2026-34235 (PJSIP is a free and open source multimedia communication
library writt ...)
- pjproject <removed>
NOTE:
https://github.com/pjsip/pjproject/security/advisories/GHSA-pqrm-53pc-wx28
NOTE:
https://github.com/pjsip/pjproject/commit/f4c7d08211da1fe2ad1504434a0ad99d12aa7536
CVE-2026-34231 (Slippers is a UI component framework for Django. Prior to
version 0.6. ...)
- TODO: check
+ NOT-FOR-US: Slippers
CVE-2026-34227 (Sliver is a command and control framework that uses a custom
Wireguard ...)
- TODO: check
+ NOT-FOR-US: Sliver
CVE-2026-34224 (Parse Server is an open source backend that can be deployed to
any inf ...)
NOT-FOR-US: Parse Server
CVE-2026-34221 (MikroORM is a TypeScript ORM for Node.js based on Data Mapper,
Unit of ...)
- TODO: check
+ NOT-FOR-US: MikroORM
CVE-2026-34220 (MikroORM is a TypeScript ORM for Node.js based on Data Mapper,
Unit of ...)
- TODO: check
+ NOT-FOR-US: MikroORM
CVE-2026-34219 (libp2p-rust is the official rust language Implementation of
the libp2p ...)
TODO: check
CVE-2026-34218 (ClearanceKit intercepts file-system access events on macOS and
enforce ...)
- TODO: check
+ NOT-FOR-US: ClearanceKit
CVE-2026-34215 (Parse Server is an open source backend that can be deployed to
any inf ...)
NOT-FOR-US: Parse Server
CVE-2026-34214 (Trino is a distributed SQL query engine for big data
analytics. From v ...)
- TODO: check
+ NOT-FOR-US: Trino
CVE-2026-34210 (mppx is a TypeScript interface for machine payments protocol.
Prior to ...)
TODO: check
CVE-2026-34209 (mppx is a TypeScript interface for machine payments protocol.
Prior to ...)
@@ -402,21 +402,21 @@ CVE-2026-34206 (Captcha Protect is a Traefik middleware
to add an anti-bot chall
CVE-2026-34204 (MinIO is a high-performance object storage system. Prior to
version RE ...)
- minio <itp> (bug #859207)
CVE-2026-34203 (Nautobot is a Network Source of Truth and Network Automation
Platform. ...)
- TODO: check
+ NOT-FOR-US: Nautobot
CVE-2026-34202 (ZEBRA is a Zcash node written entirely in Rust. Prior to
zebrad versio ...)
- TODO: check
+ NOT-FOR-US: ZEBRA
CVE-2026-34200 (Nhost is an open source Firebase alternative with GraphQL.
Prior to ve ...)
- TODO: check
+ NOT-FOR-US: Nhost
CVE-2026-34172 (Giskard is an open-source Python library for testing and
evaluating ag ...)
- TODO: check
+ NOT-FOR-US: Giskard
CVE-2026-34165 (go-git is an extensible git implementation library written in
pure Go. ...)
TODO: check
CVE-2026-34163 (FastGPT is an AI Agent building platform. Prior to version
4.14.9.5, F ...)
- TODO: check
+ NOT-FOR-US: FastGPT
CVE-2026-34162 (FastGPT is an AI Agent building platform. Prior to version
4.14.9.5, t ...)
- TODO: check
+ NOT-FOR-US: FastGPT
CVE-2026-34156 (NocoBase is an AI-powered no-code/low-code platform for
building busin ...)
- TODO: check
+ NOT-FOR-US: NocoBase
CVE-2026-34155 (RAUC controls the update process on embedded Linux systems.
Prior to v ...)
- rauc 1.15.2-1
NOTE:
https://github.com/rauc/rauc/security/advisories/GHSA-6hj7-q844-m2hx
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f384bce1324970ce53767629208715ab17761fed
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f384bce1324970ce53767629208715ab17761fed
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
