[Git][security-tracker-team/security-tracker][master] 2 commits: lts: claim nginx in dla-needed.txt

Thu, 14 May 2026 05:15:23 -0700 


Carlos Henrique Lima Melara pushed to branch master at Debian Security Tracker 
/ security-tracker


Commits:
3f7af067 by Carlos Henrique Lima Melara at 2026-05-14T14:14:29+02:00
lts: claim nginx in dla-needed.txt

- - - - -
99846aa1 by Carlos Henrique Lima Melara at 2026-05-14T14:14:37+02:00
CVE-2025-53859/nginx: add reference to commit fixing the CVE

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -119132,6 +119132,7 @@ CVE-2025-53859 (NGINX Open Source and NGINX Plus have 
a vulnerability in the ngx
        [bullseye] - nginx <postponed> (minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2025/08/13/5
        NOTE: https://nginx.org/download/patch.2025.smtp.txt
+       NOTE: Fixed by: 
https://github.com/nginx/nginx/commit/765642b86e0df1b5ef37f42522be7d08d95909c9 
(release-1.29.1)
 CVE-2025-54472 (Unlimited memory allocation in redis protocol parser in Apache 
bRPC (a ...)
        - brpc <itp> (bug #1060006)
 CVE-2024-36331 (Improper initialization of CPU cache memory could allow a 
privileged a ...)


=====================================
data/dla-needed.txt
=====================================
@@ -341,7 +341,7 @@ netty (rouca)
   NOTE: 20260114: fix remaining CVE wait DSA (rouca)
   NOTE: 20200331: release DLA-4519-1 netty. Unfortunatly partial due to new 
CVEs (rouca)
 --
-nginx
+nginx (charles)
   NOTE: 20260328: Added by Front-Desk (Beuc)
   NOTE: 20260328: 6 new CVEs; also follow DSA-6131-1 (1 CVE)
   NOTE: 20260328: and bookworm 12.12 (1 CVE) (Beuc/front-desk)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3b65f6c30f805117526194c33611dff51d6da2fe...99846aa12ae1468cba987668f8117c49de858d1c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3b65f6c30f805117526194c33611dff51d6da2fe...99846aa12ae1468cba987668f8117c49de858d1c
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to