[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for Gitsign issues

Fri, 15 May 2026 14:55:44 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5394601e by Salvatore Bonaccorso at 2026-05-15T23:55:09+02:00
Add Debian bug reference for Gitsign issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -122,11 +122,11 @@ CVE-2026-44641 (Microsoft APM is an open-source, 
community-driven dependency man
 CVE-2026-44366 (Vvveb is a powerful and easy to use CMS with page builder to 
build web ...)
        NOT-FOR-US: Vvveb
 CVE-2026-44310 (Gitsign is a keyless Sigstore to signing tool for Git commits 
with you ...)
-       - gitsign <unfixed>
+       - gitsign <unfixed> (bug #1136789)
        NOTE: 
https://github.com/sigstore/gitsign/security/advisories/GHSA-7c37-gx6w-8vc5
        NOTE: Fixed by: 
https://github.com/sigstore/gitsign/commit/d7565c405e188d1ad41d85d5f46adaeec4b85941
 (v0.15.0)
 CVE-2026-44309 (Gitsign is a keyless Sigstore to signing tool for Git commits 
with you ...)
-       - gitsign <unfixed>
+       - gitsign <unfixed> (bug #1136789)
        NOTE: 
https://github.com/sigstore/gitsign/security/advisories/GHSA-7rmh-48mx-2vwc
        NOTE: Fixed by: 
https://github.com/sigstore/gitsign/commit/3c84d87240644b5c62b3b3d79177ae64448591c8
 (v0.16.0)
 CVE-2026-44088 (SzafirHost verifies the signature of the downloaded JAR file 
using cla ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5394601ee62e0feb9a1bde26dab831af8a09aff3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5394601ee62e0feb9a1bde26dab831af8a09aff3
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to