Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7ddf8be5 by Moritz Mühlenhoff at 2026-04-03T18:24:11+02:00
trixie/bookworm triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -716,19 +716,25 @@ CVE-2026-5318 (A weakness has been identified in LibRaw
up to 0.22.0. This impac
NOTE: Fixed by:
https://github.com/LibRaw/LibRaw/commit/a6734e867b19d75367c05f872ac26322464e3995
CVE-2026-5317 (A security flaw has been discovered in Nothings stb up to 1.22.
This a ...)
- libstb <unfixed>
- TODO: check upstream details
+ [trixie] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <no-dsa> (Minor issue)
+ NOTE: https://github.com/nothings/stb/issues/1928 (issue #15)
CVE-2026-5316 (A vulnerability was identified in Nothings stb up to 1.22. The
impacte ...)
- libstb <unfixed>
- TODO: check upstream details
+ [trixie] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <no-dsa> (Minor issue)
CVE-2026-5315 (A vulnerability was determined in Nothings stb up to 1.26. The
affecte ...)
- libstb <unfixed>
- TODO: check upstream details
+ [trixie] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <no-dsa> (Minor issue)
CVE-2026-5314 (A vulnerability was found in Nothings stb up to 1.26. Impacted
is the ...)
- libstb <unfixed>
- TODO: check upstream details
+ [trixie] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <no-dsa> (Minor issue)
CVE-2026-5313 (A vulnerability has been found in Nothings stb up to 2.30. This
issue ...)
- libstb <unfixed>
- TODO: check upstream details
+ [trixie] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <no-dsa> (Minor issue)
CVE-2026-5312 (A weakness has been identified in D-Link DNS-120, DNR-202L,
DNS-315L, ...)
NOT-FOR-US: D-Link
CVE-2026-5311 (A security flaw has been discovered in D-Link DNS-120,
DNR-202L, DNS-3 ...)
@@ -5561,7 +5567,9 @@ CVE-2026-31788 (In the Linux kernel, the following
vulnerability has been resolv
CVE-2026-4775 (A flaw was found in the libtiff library. A remote attacker
could explo ...)
- tiff <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2450768
- TODO: check details
+ NOTE: https://gitlab.com/libtiff/libtiff/-/work_items/807
+ NOTE: https://gitlab.com/libtiff/libtiff/-/work_items/787
+ NOTE:
https://gitlab.com/libtiff/libtiff/-/commit/782a11d6b5b61c6dc21e714950a4af5bf89f023c
CVE-2026-4649 (Apache Artemis before version 2.52.0 is affected by an
authentication ...)
NOT-FOR-US: Apache Artemis as used in KNIME Business Hub
CVE-2026-33769 (Astro is a web framework. From version 2.10.10 to before
version 5.18. ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -26,6 +26,8 @@ dovecot (jmm)
--
frr
--
+gdk-pixbuf
+--
gh/oldstable
Santiago Vila might work on preparing an update
--
@@ -94,6 +96,8 @@ sympa/oldstable
systemd
Ping maintainer about updates
--
+tiff
+--
tor (jmm)
--
valkey
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ddf8be55567961edd7b6775967e8ccba9c50276
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ddf8be55567961edd7b6775967e8ccba9c50276
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
