Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2cc1b799 by Salvatore Bonaccorso at 2026-05-27T08:49:42+02:00 Add CVE-2026-46644/php-symfony-polyfill - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,8 @@ +CVE-2026-46644 [insecure equivalence in symfony/polyfill-intl-idn for ASCII-only xn-- labels] + - php-symfony-polyfill <unfixed> + [bookworm] - php-symfony-polyfill <no-dsa> (Minor issue) + NOTE: https://symfony.com/blog/cve-2026-46644-insecure-equivalence-in-symfony-polyfill-intl-idn-for-ascii-only-xn-labels + NOTE: https://github.com/symfony/polyfill/security/advisories/GHSA-2xf4-cg6j-vhgq CVE-2026-48962 [Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output] - libio-compress-perl <unfixed> - perl <unfixed> View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2cc1b799304ae034906498f585011ae1f7d58c0e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2cc1b799304ae034906498f585011ae1f7d58c0e You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
