[Git][security-tracker-team/security-tracker][master] Track fixed version for three apache-opennlp issues via unstable

Wed, 06 May 2026 01:27:12 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3ef33797 by Salvatore Bonaccorso at 2026-05-06T10:24:46+02:00
Track fixed version for three apache-opennlp issues via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -534,7 +534,7 @@ CVE-2026-42809 (Apache Polaris can issue broad temporary 
("vended") storage cred
 CVE-2026-42796 (Arelle before 2.39.10 contains an unauthenticated remote code 
executio ...)
        NOT-FOR-US: Arelle
 CVE-2026-42440 (OOM Denial of Service via Unbounded Array Allocation in Apache 
OpenNLP ...)
-       - apache-opennlp <unfixed> (bug #1135782)
+       - apache-opennlp 2.5.9-1 (bug #1135782)
        NOTE: https://www.openwall.com/lists/oss-security/2026/05/01/21
        NOTE: https://issues.apache.org/jira/browse/OPENNLP-1821
        NOTE: https://github.com/apache/opennlp/pull/1022
@@ -640,7 +640,7 @@ CVE-2026-42052 (Beets is the media library management 
system. Prior to version 2
        - beets <unfixed> (bug #1135779)
        NOTE: 
https://github.com/beetbox/beets/security/advisories/GHSA-3gxm-wfjx-m847
 CVE-2026-42027 (Arbitrary Class Instantiation via Model Manifest in Apache 
OpenNLP Ext ...)
-       - apache-opennlp <unfixed> (bug #1135782)
+       - apache-opennlp 2.5.9-1 (bug #1135782)
        NOTE: https://www.openwall.com/lists/oss-security/2026/05/01/20
        NOTE: https://issues.apache.org/jira/browse/OPENNLP-1820
        NOTE: https://github.com/apache/opennlp/pull/1021
@@ -669,7 +669,7 @@ CVE-2026-41471 (Easy PayPal Events & Tickets plugin for 
WordPress versions 1.3 a
 CVE-2026-40797 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-40682 (XML External Entity (XXE) via Unsanitized Dictionary Parsing 
in Apache ...)
-       - apache-opennlp <unfixed> (bug #1135782)
+       - apache-opennlp 2.5.9-1 (bug #1135782)
        NOTE: https://www.openwall.com/lists/oss-security/2026/05/01/19
        NOTE: https://issues.apache.org/jira/browse/OPENNLP-1819
        NOTE: https://github.com/apache/opennlp/pull/1019



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef33797e75007522888015310732dd11a4e840c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef33797e75007522888015310732dd11a4e840c
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to