[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Add another product for the Apache CNA rule

Salvatore Bonaccorso (@carnil) Sat, 02 May 2026 01:39:05 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
cf0a9d09 by Salvatore Bonaccorso at 2026-05-02T10:38:39+02:00
auto-nfu: Add another product for the Apache CNA rule

- - - - -
50f3f117 by Salvatore Bonaccorso at 2026-05-02T10:38:39+02:00
Process some new NFUs

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -202,11 +202,11 @@ CVE-2026-42468 (Buffer overflow vulnerability in Open 
Vehicle Monitoring System
 CVE-2026-42467 (An issue was discovered in Open-SAE-J1939 thru commit 
b6caf884df46435e ...)
        NOT-FOR-US: Open-SAE-J1939
 CVE-2026-42404 (Apache Neethi does not impose any restrictions on URIs when 
manually f ...)
-       TODO: check
+       NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-42403 (Apache Neethi does not properly detect circular references in 
policy d ...)
-       TODO: check
+       NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-42402 (Apache Neethi is vulnerable to a Denial of Service attack 
through algo ...)
-       TODO: check
+       NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-40201 (@diplodoc/search-extension 1.0.0 through 3.x before 3.0.3 
allows store ...)
        NOT-FOR-US: diplodoc/search-extension
 CVE-2026-3772 (The WP Editor plugin for WordPress is vulnerable to Cross-Site 
Request ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -344,6 +344,7 @@
       - product: Apache Kyuubi
       - product: Apache Livy
       - product: Apache Mynewt NimBLE
+      - product: Apache Neethi
       - product: Apache NiFi
       - product: Apache NimBLE
       - product: Apache NuttX RTOS



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/cc4f9e2f08e99701f9b776c5418f8b2150a5252e...50f3f117fe95697ef241a3b23c98a07c68e22f97

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/cc4f9e2f08e99701f9b776c5418f8b2150a5252e...50f3f117fe95697ef241a3b23c98a07c68e22f97
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Add another product for the Apache CNA rule

Reply via email to