Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bc71e157 by Salvatore Bonaccorso at 2026-05-14T21:04:40+02:00
Add new set of netty issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -381,27 +381,40 @@ CVE-2026-42780 (A directory traversal vulnerability
exists in BIG-IP SSL Orchest
CVE-2026-42602 (azureauthextension is the Azure Authenticator Extension. From
0.124.0 ...)
NOT-FOR-US: Azure Authenticator ExtensionAzure Authenticator Extension
CVE-2026-42587 (Netty is an asynchronous, event-driven network application
framework. ...)
- TODO: check
+ - netty <unfixed>
+ NOTE:
https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv
CVE-2026-42586 (Netty is an asynchronous, event-driven network application
framework. ...)
- TODO: check
+ - netty <unfixed>
+ NOTE:
https://github.com/netty/netty/security/advisories/GHSA-rgrr-p7gp-5xj7
CVE-2026-42585 (Netty is an asynchronous, event-driven network application
framework. ...)
- TODO: check
+ - netty <unfixed>
+ NOTE:
https://github.com/netty/netty/security/advisories/GHSA-38f8-5428-x5cv
CVE-2026-42584 (Netty is an asynchronous, event-driven network application
framework. ...)
- TODO: check
+ - netty <unfixed>
+ NOTE:
https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3
CVE-2026-42583 (Netty is an asynchronous, event-driven network application
framework. ...)
- TODO: check
+ - netty <unfixed>
+ NOTE:
https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6
CVE-2026-42582 (Netty is an asynchronous, event-driven network application
framework. ...)
- TODO: check
+ - netty <unfixed>
+ NOTE:
https://github.com/netty/netty/security/advisories/GHSA-2c5c-chwr-9hqw
CVE-2026-42581 (Netty is an asynchronous, event-driven network application
framework. ...)
- TODO: check
+ - netty <unfixed>
+ NOTE:
https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9
CVE-2026-42580 (Netty is an asynchronous, event-driven network application
framework. ...)
- TODO: check
+ - netty <unfixed>
+ NOTE:
https://github.com/netty/netty/security/advisories/GHSA-m4cv-j2px-7723
CVE-2026-42579 (Netty is an asynchronous, event-driven network application
framework. ...)
- TODO: check
+ - netty <unfixed>
+ NOTE:
https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm
CVE-2026-42578 (Netty is an asynchronous, event-driven network application
framework. ...)
- TODO: check
+ - netty <unfixed>
+ NOTE:
https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr
CVE-2026-42577 (Netty is an asynchronous, event-driven network application
framework. ...)
- TODO: check
+ - netty <unfixed>
+ NOTE:
https://github.com/netty/netty/security/advisories/GHSA-rwm7-x88c-3g2p
+ NOTE: https://github.com/netty/netty/pull/16689
+ NOTE: Fixed by:
https://github.com/netty/netty/commit/0ec3d97fab376e243d328ac95fbd288ba0f6e22d
(netty-4.2.13.Final)
CVE-2026-42561 (Python-Multipart is a streaming multipart parser for Python.
Prior to ...)
TODO: check
CVE-2026-42557 (jupyterlab is an extensible environment for interactive and
reproducib ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc71e157fee411a9ba0435f23db0ff35fcd9eade
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc71e157fee411a9ba0435f23db0ff35fcd9eade
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
