Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
505b715d by Salvatore Bonaccorso at 2026-05-17T15:15:21+02:00
Add CVE-2026-34253/vorbis-tools
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -415,7 +415,11 @@ CVE-2026-38728 (An issue in Nodemailer smtp_server before
v.3.18.3 allows a remo
CVE-2026-35194 (Code injection in SQL code generation in Apache Flink 1.15.0
through 1 ...)
NOT-FOR-US: Apache software not packaged in Debian
CVE-2026-34253 (A buffer underflow vulnerability has been identified in the
ogg123 uti ...)
- TODO: check
+ - vorbis-tools <unfixed>
+ NOTE: https://gitlab.xiph.org/xiph/vorbis-tools/-/work_items/2332
+ NOTE: https://gitlab.xiph.org/xiph/vorbis-tools/-/merge_requests/27
+ NOTE:
https://gitlab.xiph.org/xiph/vorbis-tools/-/commit/4bb4fb33b25949178179f689db9afb477abeb572
+ NOTE:
https://gitlab.xiph.org/xiph/vorbis-tools/-/commit/cfc497a442f51fb4885e132deaf2e0ba067bd280
CVE-2026-2031 (An Improper Access Controlvulnerability inseveral internal API
endpoin ...)
NOT-FOR-US: Google Cloud
CVE-2026-23695 (Cockpit CMS through version 2.14.0, patched in commit 72a83fc,
contain ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/505b715d33a19b442d1ab7bd14490c1ade268252
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/505b715d33a19b442d1ab7bd14490c1ade268252
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
