[Git][security-tracker-team/security-tracker][master] Add references for libcrypt-openssl-pkcs12-perl issues

Mon, 18 May 2026 00:07:59 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d1f19e3c by Salvatore Bonaccorso at 2026-05-18T08:40:48+02:00
Add references for libcrypt-openssl-pkcs12-perl issues

Note the upstream repository got wrongly tagged for 1.95, CPANsec is
notified.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -63,6 +63,10 @@ CVE-2026-8723 (### Summary    `qs.stringify` throws 
`TypeError` when called with
 CVE-2026-8721 (Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates 
passwo ...)
        - libcrypt-openssl-pkcs12-perl 1.95-1
        NOTE: https://lists.security.metacpan.org/cve-announce/msg/40149249/
+       NOTE: 
https://github.com/dsully/perl-crypt-openssl-pkcs12/commit/7b90e88a97f0ebe440032b8116249d1004d7ca6f
+       NOTE: 
https://github.com/dsully/perl-crypt-openssl-pkcs12/commit/468712ae04188342b263f057ad65f21a3545013b
+       NOTE: 
https://github.com/dsully/perl-crypt-openssl-pkcs12/commit/68904cd32691e223ad9eeff914812b8641eea14b
+       NOTE: 
https://github.com/dsully/perl-crypt-openssl-pkcs12/commit/d69393f3207586e3c6f2fe1a21b0b8972b93f8db
 CVE-2026-8719 (The AI Engine \u2013 The Chatbot, AI Framework & MCP for 
WordPress plu ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-8507 (Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out 
of boun ...)
@@ -71,6 +75,7 @@ CVE-2026-8507 (Crypt::OpenSSL::PKCS12 versions through 1.94 
for Perl have out of
        NOTE: https://github.com/dsully/perl-crypt-openssl-pkcs12/issues/55
        NOTE: https://github.com/dsully/perl-crypt-openssl-pkcs12/issues/56
        NOTE: Fixed by: 
https://github.com/dsully/perl-crypt-openssl-pkcs12/commit/b9d0469c6d8f5b5c6c2a45a3d0647a532b749397
+       NOTE: Regression test: 
https://github.com/dsully/perl-crypt-openssl-pkcs12/commit/31878e6453079d0cdb748c7e9c514460cf308e6c
 CVE-2026-6050
        REJECTED
 CVE-2026-46720 (Net::Statsd::Tiny versions before 0.3.8 for Perl allowed 
metric inject ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1f19e3c0c924c0310701cceea7011105bf9e74d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1f19e3c0c924c0310701cceea7011105bf9e74d
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to