[Git][security-tracker-team/security-tracker][master] Fix typos in some NOTEs

Salvatore Bonaccorso (@carnil) Sat, 04 Apr 2026 02:47:06 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
833d8662 by Salvatore Bonaccorso at 2026-04-04T11:46:34+02:00
Fix typos in some NOTEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1419,7 +1419,7 @@ CVE-2026-34528 (File Browser is a file managing interface 
for uploading, deletin
 CVE-2026-34525 (AIOHTTP is an asynchronous HTTP client/server framework for 
asyncio an ...)
        - python-aiohttp <unfixed> (bug #1132582)
        NOTE: 
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-c427-h43c-vf67
-       NOTE: Fixed by; 
https://github.com/aio-libs/aiohttp/commit/e00ca3cca92c465c7913c4beb763a72da9ed8349
 (v3.13.4)
+       NOTE: Fixed by: 
https://github.com/aio-libs/aiohttp/commit/e00ca3cca92c465c7913c4beb763a72da9ed8349
 (v3.13.4)
        NOTE: Fixed by: 
https://github.com/aio-libs/aiohttp/commit/53e2e6fc58b89c6185be7820bd2c9f40216b3000
 (v3.13.5)
 CVE-2026-34520 (AIOHTTP is an asynchronous HTTP client/server framework for 
asyncio an ...)
        - python-aiohttp <unfixed> (bug #1132582)
@@ -1428,7 +1428,7 @@ CVE-2026-34520 (AIOHTTP is an asynchronous HTTP 
client/server framework for asyn
 CVE-2026-34519 (AIOHTTP is an asynchronous HTTP client/server framework for 
asyncio an ...)
        - python-aiohttp <unfixed> (bug #1132582)
        NOTE: 
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-mwh4-6h8g-pg8w
-       NOTE: Fixed by; 
https://github.com/aio-libs/aiohttp/commit/53b35a2f8869c37a133e60bf1a82a1c01642ba2b
 (v3.13.4)
+       NOTE: Fixed by: 
https://github.com/aio-libs/aiohttp/commit/53b35a2f8869c37a133e60bf1a82a1c01642ba2b
 (v3.13.4)
 CVE-2026-34518 (AIOHTTP is an asynchronous HTTP client/server framework for 
asyncio an ...)
        - python-aiohttp <unfixed> (bug #1132582)
        NOTE: 
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-966j-vmvw-g2g9
@@ -2700,7 +2700,7 @@ CVE-2026-5123 (A weakness has been identified in osrg 
GoBGP up to 4.3.0. This im
 CVE-2026-5122 (A security flaw has been discovered in osrg GoBGP up to 4.3.0. 
This af ...)
        - gobgp <unfixed>
        NOTE: https://github.com/osrg/gobgp/pull/3343
-       NOTE: Fixed by; 
https://github.com/osrg/gobgp/commit/2b09db390a3d455808363c53e409afe6b1b86d2d 
(v4.4.0)
+       NOTE: Fixed by: 
https://github.com/osrg/gobgp/commit/2b09db390a3d455808363c53e409afe6b1b86d2d 
(v4.4.0)
 CVE-2026-5121 (A flaw was found in libarchive. On 32-bit systems, an integer 
overflow ...)
        - libarchive <unfixed>
        NOTE: https://github.com/libarchive/libarchive/pull/2934
@@ -12641,7 +12641,7 @@ CVE-2026-31826 (pypdf is a free and open-source 
pure-python PDF library. Prior t
        [bookworm] - pypdf2 <no-dsa> (Minor issue)
        NOTE: 
https://github.com/py-pdf/pypdf/security/advisories/GHSA-hqmh-ppp3-xvm7
        NOTE: https://github.com/py-pdf/pypdf/pull/3675
-       NOTE: Fixed by; 
https://github.com/py-pdf/pypdf/commit/3c550b3196adeba1506a26e57c09c09fac75e9aa 
(6.8.0)
+       NOTE: Fixed by: 
https://github.com/py-pdf/pypdf/commit/3c550b3196adeba1506a26e57c09c09fac75e9aa 
(6.8.0)
 CVE-2026-31825 (Sylius is an Open Source eCommerce Framework on Symfony. 
Sylius API fi ...)
        NOT-FOR-US: Sylius
 CVE-2026-31824 (Sylius is an Open Source eCommerce Framework on Symfony. A 
Time-of-Che ...)
@@ -25362,7 +25362,7 @@ CVE-2026-25530 (Kanboard is project management software 
focused on Kanban method
 CVE-2026-24885 (Kanboard is project management software focused on Kanban 
methodology. ...)
        - kanboard 1.2.50+ds-1 (bug #1127694)
        NOTE: 
https://github.com/kanboard/kanboard/security/advisories/GHSA-582j-h4w4-hwr5
-       NOTE: Fixed by; 
https://github.com/kanboard/kanboard/commit/2c56d92783d4a3094812c2f7cba50f80a372f95e
 (v1.2.50)
+       NOTE: Fixed by: 
https://github.com/kanboard/kanboard/commit/2c56d92783d4a3094812c2f7cba50f80a372f95e
 (v1.2.50)
 CVE-2026-24343 (Improper Neutralization of Data within XPath Expressions 
('XPath Injec ...)
        NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-24045 (Docmost is open-source collaborative wiki and documentation 
software.  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/833d8662949ee1e61d7cf707ab5c181d17b1cd29

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/833d8662949ee1e61d7cf707ab5c181d17b1cd29
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Fix typos in some NOTEs

Reply via email to