Jeremy Bícha pushed to branch master at Debian Security Tracker / security-tracker
Commits: 09b03d5c by Jeremy Bícha at 2026-05-11T13:42:07-04:00 Add yelp issue that is public but CVE is pending - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,8 @@ +CVE-2026-XXXX [yelp: Sandbox escape] + - yelp 49.1-1 (bug ##1136299) + NOTE: https://blogs.gnome.org/mcatanzaro/2026/05/11/flatpak-sandbox-escape-via-yelp/ + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/yelp/-/commit/d220aa2f754eed4e6a006a4acaa68b31892dea2b (49.1) + NOTE: Fixed by: https://gitlab.gnome.org/GNOME/yelp/-/commit/c8c8244c8a812860782d635890c9b6c43ecc2639 (49.1) CVE-2026-XXXX [openpgp: Don't imply missing key flags from key type] - rust-sequoia-openpgp <unfixed> NOTE: Fixed by: https://gitlab.com/sequoia-pgp/sequoia/-/commit/58214b47b110e110432731f8fc5dec71918c4254 (openpgp/v2.3.0) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09b03d5cf06df192a546881ff7ee440c1ecaa537 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09b03d5cf06df192a546881ff7ee440c1ecaa537 You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
