Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
992591da by Moritz Muehlenhoff at 2026-05-08T20:37:33+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10353,7 +10353,7 @@ CVE-2026-35368 (A vulnerability exists in the chroot
utility of uutils coreutils
[bookworm] - rust-coreutils <no-dsa> (Minor issue)
NOTE: https://github.com/uutils/coreutils/issues/10327
CVE-2026-35367 (The nohup utility in uutils coreutils creates its default
output file, ...)
- - rust-coreutils <unfixed>
+ - rust-coreutils <unfixed> (bug #1136046)
[trixie] - rust-coreutils <no-dsa> (Minor issue)
[bookworm] - rust-coreutils <no-dsa> (Minor issue)
NOTE: https://github.com/uutils/coreutils/issues/10021
@@ -10371,7 +10371,7 @@ CVE-2026-35365 (The mv utility in uutils coreutils
improperly handles directory
NOTE: https://github.com/uutils/coreutils/pull/10546
NOTE: Fixed by:
https://github.com/uutils/coreutils/commit/9654e4abaf24449ef2279e9a16963edb5c8b8fef
(0.7.0-1)
CVE-2026-35364 (A Time-of-Check to Time-of-Use (TOCTOU) race condition exists
in the m ...)
- - rust-coreutils <unfixed>
+ - rust-coreutils <unfixed> (bug #1136045)
[trixie] - rust-coreutils <no-dsa> (Minor issue)
[bookworm] - rust-coreutils <no-dsa> (Minor issue)
NOTE: https://github.com/uutils/coreutils/issues/10015
@@ -10393,7 +10393,7 @@ CVE-2026-35361 (The mknod utility in uutils coreutils
fails to handle security l
NOTE: https://github.com/uutils/coreutils/pull/10582
NOTE: Fixed by:
https://github.com/uutils/coreutils/commit/42b2ad83cdcf6e959ecb378c5040c60d9c64becf
(0.6.0)
CVE-2026-35360 (The touch utility in uutils coreutils is vulnerable to a
Time-of-Check ...)
- - rust-coreutils <unfixed>
+ - rust-coreutils <unfixed> (bug #1136044)
[trixie] - rust-coreutils <no-dsa> (Minor issue)
[bookworm] - rust-coreutils <no-dsa> (Minor issue)
NOTE: https://github.com/uutils/coreutils/issues/10019
@@ -10427,7 +10427,7 @@ CVE-2026-35355 (The install utility in uutils coreutils
is vulnerable to a Time-
NOTE: https://github.com/uutils/coreutils/pull/10067
NOTE: Fixed by:
https://github.com/uutils/coreutils/commit/b5bbabc18a1121908848d836f869a4e98eb63886
(0.6.0)
CVE-2026-35354 (A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists
in the mv ...)
- - rust-coreutils <unfixed>
+ - rust-coreutils <unfixed> (bug #1136043)
[trixie] - rust-coreutils <no-dsa> (Minor issue)
[bookworm] - rust-coreutils <no-dsa> (Minor issue)
NOTE: https://github.com/uutils/coreutils/issues/10014
@@ -10438,12 +10438,12 @@ CVE-2026-35353 (The mkdir utility in uutils coreutils
incorrectly applies permis
NOTE: https://github.com/uutils/coreutils/pull/10036
NOTE: Fixed by;
https://github.com/uutils/coreutils/commit/037b9583bc03d814e8516df54ebcda6f681fe1f8
(0.6.0)
CVE-2026-35352 (A Time-of-Check to Time-of-Use (TOCTOU) race condition exists
in the m ...)
- - rust-coreutils <unfixed>
+ - rust-coreutils <unfixed> (bug #1136042)
[trixie] - rust-coreutils <no-dsa> (Minor issue)
[bookworm] - rust-coreutils <no-dsa> (Minor issue)
NOTE: https://github.com/uutils/coreutils/issues/10020
CVE-2026-35351 (The mv utility in uutils coreutils fails to preserve file
ownership du ...)
- - rust-coreutils <unfixed>
+ - rust-coreutils <unfixed> (bug #1136041)
[trixie] - rust-coreutils <no-dsa> (Minor issue)
[bookworm] - rust-coreutils <no-dsa> (Minor issue)
NOTE: https://github.com/uutils/coreutils/issues/9714
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/992591da8248750d3ec0d2f9b8752b3813bb0cfb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/992591da8248750d3ec0d2f9b8752b3813bb0cfb
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
