Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c8d20a68 by Sylvain Beucler at 2026-05-22T18:53:25+02:00
CVE-2026-42151/prometheus: bullseye not-affected
- - - - -
12b66ee2 by Sylvain Beucler at 2026-05-22T18:57:13+02:00
htslib: follow bookworm triage
- - - - -
f77eebe1 by Sylvain Beucler at 2026-05-22T18:58:33+02:00
CVE-2026-8367/aria2: bullseye postponed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3706,6 +3706,7 @@ CVE-2026-8367 (aria2c accepts a server certificate with
incorrect Extended Key U
- aria2 <unfixed>
[trixie] - aria2 <postponed> (Minor issue, revisit when fixed upstream)
[bookworm] - aria2 <postponed> (Minor issue, revisit when fixed
upstream)
+ [bullseye] - aria2 <postponed> (Minor issue, revisit when fixed
upstream)
NOTE: https://github.com/aria2/aria2/issues/2355
CVE-2026-8328 (The ftpcp() function in Lib/ftplib.py was not updated when
CVE-2021-4 ...)
- python3.14 <unfixed>
@@ -11959,6 +11960,7 @@ CVE-2026-42154 (Prometheus is an open-source monitoring
system and time series d
NOTE: https://github.com/prometheus/prometheus/pull/18585
CVE-2026-42151 (Prometheus is an open-source monitoring system and time series
databas ...)
- prometheus <unfixed> (bug #1135999)
+ [bullseye] - prometheus <not-affected> (Azure AD module introduced in
v2.45)
NOTE:
https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj
NOTE: https://github.com/prometheus/prometheus/pull/18587
NOTE: https://github.com/prometheus/prometheus/pull/18590
@@ -38333,36 +38335,42 @@ CVE-2026-31971 (HTSlib is a library for reading and
writing bioinformatics file
- htslib <unfixed> (bug #1131493)
[trixie] - htslib <no-dsa> (Minor issue)
[bookworm] - htslib <no-dsa> (Minor issue)
+ [bullseye] - htslib <postponed> (Minor issue)
NOTE:
https://github.com/samtools/htslib/security/advisories/GHSA-jvx4-4wq7-6fmh
NOTE: Fixed by:
https://github.com/samtools/htslib/commit/01cd003b46fa2ebea4d9be5475b11217eb4c11be
(1.23.1)
CVE-2026-31970 (HTSlib is a library for reading and writing bioinformatics
file format ...)
- htslib <unfixed> (bug #1131493)
[trixie] - htslib <no-dsa> (Minor issue)
[bookworm] - htslib <no-dsa> (Minor issue)
+ [bullseye] - htslib <postponed> (Minor issue)
NOTE:
https://github.com/samtools/htslib/security/advisories/GHSA-p345-84hx-fq6q
NOTE: Fixed by:
https://github.com/samtools/htslib/commit/6dd0d7d0e9e7e2e173a28969e624db8bc8bb5828
(1.23.1)
CVE-2026-31969 (HTSlib is a library for reading and writing bioinformatics
file format ...)
- htslib <unfixed> (bug #1131493)
[trixie] - htslib <no-dsa> (Minor issue)
[bookworm] - htslib <no-dsa> (Minor issue)
+ [bullseye] - htslib <postponed> (Minor issue)
NOTE:
https://github.com/samtools/htslib/security/advisories/GHSA-q4cj-f4h5-fqgc
NOTE: Fixed by:
https://github.com/samtools/htslib/commit/88cdf69e4b83bb550ab4f6f7134892c2ad1978f4
(1.23.1)
CVE-2026-31968 (HTSlib is a library for reading and writing bioinformatics
file format ...)
- htslib <unfixed> (bug #1131493)
[trixie] - htslib <no-dsa> (Minor issue)
[bookworm] - htslib <no-dsa> (Minor issue)
+ [bullseye] - htslib <postponed> (Minor issue)
NOTE:
https://github.com/samtools/htslib/security/advisories/GHSA-cgcm-c9r2-p57j
NOTE: Fixed by:
https://github.com/samtools/htslib/commit/0ec436796eca7b4ce7fcc9b77270c102da29bb2e
(1.23.1)
CVE-2026-31967 (HTSlib is a library for reading and writing bioinformatics
file format ...)
- htslib <unfixed> (bug #1131493)
[trixie] - htslib <no-dsa> (Minor issue)
[bookworm] - htslib <no-dsa> (Minor issue)
+ [bullseye] - htslib <postponed> (Minor issue)
NOTE:
https://github.com/samtools/htslib/security/advisories/GHSA-33x5-c6vj-8f2w
NOTE: Fixed by:
https://github.com/samtools/htslib/commit/9cefb46453ad471e933b8212d4f45920524d3357
(1.23.1)
CVE-2026-31966 (HTSlib is a library for reading and writing bioinformatics
file format ...)
- htslib <unfixed> (bug #1131493)
[trixie] - htslib <no-dsa> (Minor issue)
[bookworm] - htslib <no-dsa> (Minor issue)
+ [bullseye] - htslib <postponed> (Minor issue)
NOTE:
https://github.com/samtools/htslib/security/advisories/GHSA-5cj8-mj52-8vp3
NOTE: Fixed by:
https://github.com/samtools/htslib/commit/4a5ef25eb1fb3d64438103316fffe423b2c3f5f4
(1.23.1)
NOTE: Fixed by:
https://github.com/samtools/htslib/commit/22ec5230ef95769ab009420da69568c7e530af28
(1.23.1)
@@ -38371,24 +38379,28 @@ CVE-2026-31965 (HTSlib is a library for reading and
writing bioinformatics file
- htslib <unfixed> (bug #1131493)
[trixie] - htslib <no-dsa> (Minor issue)
[bookworm] - htslib <no-dsa> (Minor issue)
+ [bullseye] - htslib <postponed> (Minor issue)
NOTE:
https://github.com/samtools/htslib/security/advisories/GHSA-mqm2-v645-3qhr
NOTE: Fixed by:
https://github.com/samtools/htslib/commit/9cefb46453ad471e933b8212d4f45920524d3357
(1.23.1)
CVE-2026-31964 (HTSlib is a library for reading and writing bioinformatics
file format ...)
- htslib <unfixed> (bug #1131493)
[trixie] - htslib <no-dsa> (Minor issue)
[bookworm] - htslib <no-dsa> (Minor issue)
+ [bullseye] - htslib <postponed> (Minor issue)
NOTE:
https://github.com/samtools/htslib/security/advisories/GHSA-5w97-85gf-86rm
NOTE: Fixed by:
https://github.com/samtools/htslib/commit/e64e68da567d2309509d059ace016d5d7fc7514f
(1.23.1)
CVE-2026-31963 (HTSlib is a library for reading and writing bioinformatics
file format ...)
- htslib <unfixed> (bug #1131493)
[trixie] - htslib <no-dsa> (Minor issue)
[bookworm] - htslib <no-dsa> (Minor issue)
+ [bullseye] - htslib <postponed> (Minor issue)
NOTE:
https://github.com/samtools/htslib/security/advisories/GHSA-qgqh-h2q9-7w3c
NOTE: Fixed by:
https://github.com/samtools/htslib/commit/8bcc9907be0f945ddc31796d64f078fa05456acd
(1.23.1)
CVE-2026-31962 (HTSlib is a library for reading and writing bioinformatics
file format ...)
- htslib <unfixed> (bug #1131493)
[trixie] - htslib <no-dsa> (Minor issue)
[bookworm] - htslib <no-dsa> (Minor issue)
+ [bullseye] - htslib <postponed> (Minor issue)
NOTE:
https://github.com/samtools/htslib/security/advisories/GHSA-xxmp-v7h3-gpwp
NOTE: Fixed by:
https://github.com/samtools/htslib/commit/d799b54c6401879187bba4741be83ff590ac73e3
(1.23.1)
CVE-2026-30704 (The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02)
exposes an ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/53d2fe2d903bb4100fbdf3a5f0c623045b4cb3e3...f77eebe18f736034c5713e4074b29a9003a1a361
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/53d2fe2d903bb4100fbdf3a5f0c623045b4cb3e3...f77eebe18f736034c5713e4074b29a9003a1a361
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
