Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4f25a392 by Salvatore Bonaccorso at 2026-05-05T22:52:49+02:00
Ignore CVE-2026-7381 for trixie and bookworm
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2885,10 +2885,11 @@ CVE-2026-33846 (A heap buffer overflow vulnerability
exists in the DTLS handshak
NOTE: Fixed by:
https://gitlab.com/gnutls/gnutls/-/commit/65ab33fa54e34fba69d793735b7df3d383d1ff78
(3.8.13)
CVE-2026-7381 (Plack::Middleware::XSendfile versions through 1.0053 for Perl
can allo ...)
- libplack-perl <unfixed> (bug #1135324)
- [trixie] - libplack-perl <no-dsa> (Minor issue)
- [bookworm] - libplack-perl <no-dsa> (Minor issue)
+ [trixie] - libplack-perl <ignored> (Minor issue)
+ [bookworm] - libplack-perl <ignored> (Minor issue)
[bullseye] - libplack-perl <postponed> (Minor issue; can be fixed in
next update)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/39467666/
+ NOTE: Plack::Middleware::XSendfile documented as deprecated.
CVE-2026-40684 (In Exim before 4.99.2, on systems using musl libc (not glibc),
an atta ...)
- exim4 4.99.2-1 (unimportant)
NOTE: Fixed by:
https://code.exim.org/exim/exim/commit/628bbaca7672748d941a12e7cd5f0122a4e18c81
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f25a39256ab3d0af8d9981b78a7c9e8ac94987c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f25a39256ab3d0af8d9981b78a7c9e8ac94987c
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
