Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
25261d02 by Thorsten Alteholz at 2026-04-03T10:53:52+02:00
mark CVE-2026-22891, CVE-2026-20777 and CVE-2025-64736 as postponed for Bullseye
- - - - -
0c7a3640 by Thorsten Alteholz at 2026-04-03T10:53:54+02:00
mark CVE-2026-32274 as postponed for Bullseye
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10941,6 +10941,7 @@ CVE-2026-32274 (Black is the uncompromising Python code
formatter. Prior to 26.3
- black 26.3.1-1 (bug #1130657)
[trixie] - black <no-dsa> (Minor issue)
[bookworm] - black <no-dsa> (Minor issue)
+ [bullseye] - black <postponed> (Minor issue)
NOTE:
https://github.com/psf/black/security/advisories/GHSA-3936-cmfr-pm3m
NOTE: https://github.com/psf/black/pull/5038
NOTE: Fixed by:
https://github.com/psf/black/commit/4937fe6cf241139ddbfc16b0bdbb5b422798909d
(26.3.1)
@@ -15967,6 +15968,7 @@ CVE-2026-22891 (A heap-based buffer overflow
vulnerability exists in the Intan C
- biosig <unfixed> (bug #1130889)
[trixie] - biosig <no-dsa> (Minor issue)
[bookworm] - biosig <no-dsa> (Minor issue)
+ [bullseye] - biosig <postponed> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2026-2361
NOTE: Fixed by:
https://sourceforge.net/p/biosig/code/ci/3002bdc6f46225a4e76caefdd2444276e6c5b0a7/
(v3.9.3)
CVE-2026-22886 (OpenMQ exposes a TCP-based management service (imqbrokerd)
that by def ...)
@@ -15975,6 +15977,7 @@ CVE-2026-20777 (A heap-based buffer overflow
vulnerability exists in the Nicolet
- biosig <unfixed> (bug #1130889)
[trixie] - biosig <no-dsa> (Minor issue)
[bookworm] - biosig <no-dsa> (Minor issue)
+ [bullseye] - biosig <postponed> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2026-2362
NOTE: Fixed by:
https://sourceforge.net/p/biosig/code/ci/abe197c3627256ef3615a2d2f808ded069e1df4b/
(v3.9.3)
CVE-2026-1265 (IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is
vulnera ...)
@@ -16000,6 +16003,7 @@ CVE-2025-64736 (An out-of-bounds read vulnerability
exists in the ABF parsing fu
- biosig <unfixed> (bug #1130889)
[trixie] - biosig <no-dsa> (Minor issue)
[bookworm] - biosig <no-dsa> (Minor issue)
+ [bullseye] - biosig <postponed> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2323
NOTE: Fixed by:
https://sourceforge.net/p/biosig/code/ci/718741c09e0b065b8ad0ebf66128a44899554930/
(v3.9.3)
CVE-2025-63912 (Cohesity TranZman Migration Appliance Release 4.0 Build 14614
was disc ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3ded958274b3615fe037b6ed5f0d66b8d9af0846...0c7a36400ffd6e084fb748581cd22c3a50292f45
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3ded958274b3615fe037b6ed5f0d66b8d9af0846...0c7a36400ffd6e084fb748581cd22c3a50292f45
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
