Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8eee32a8 by Salvatore Bonaccorso at 2026-05-14T22:05:28+02:00
Add CVE-2026-44348/libpodofo
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -111,7 +111,10 @@ CVE-2026-44374 (Backstage is an open framework for
building developer portals. P
CVE-2026-44371 (Open OnDemand is an open-source high-performance computing
portal. Pri ...)
NOT-FOR-US: Open OnDemand
CVE-2026-44348 (PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to
before 1.0.4 ...)
- TODO: check
+ - libpodofo <not-affected> (Vulnerable code not present)
+ NOTE:
https://github.com/podofo/podofo/security/advisories/GHSA-8fq6-rqpv-xq72
+ NOTE: Introduced with:
https://github.com/podofo/podofo/commit/b812f67b48f6733e640e67a52ed3da306e7a39c7
(1.0.0-beta1)
+ NOTE: Fixed by:
https://github.com/podofo/podofo/commit/696d765c3a71ef224d4abffe1f174fef11292d7e
(1.0.4)
CVE-2026-44312 (css_parser is a Ruby CSS parser. Prior to 2.1.0 and 1.22.0,
the CSS Pa ...)
TODO: check
CVE-2026-44308 (Spring Cloud AWS simplifies using AWS managed services in a
Spring and ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8eee32a82ea1b4487faf42c96c1313761bdb849e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8eee32a82ea1b4487faf42c96c1313761bdb849e
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
