[Git][security-tracker-team/security-tracker][master] Add three new go-git issues

Salvatore Bonaccorso (@carnil) Wed, 27 May 2026 13:35:16 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
32426085 by Salvatore Bonaccorso at 2026-05-27T22:34:38+02:00
Add three new go-git issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -191,9 +191,11 @@ CVE-2026-45716 (Budibase is an open-source low-code 
platform. Prior to 3.38.1, t
 CVE-2026-45715 (Budibase is an open-source low-code platform. Prior to 3.38.1, 
the RES ...)
        NOT-FOR-US: Budibase
 CVE-2026-45571 (go-git is an extensible git implementation library written in 
pure Go. ...)
-       TODO: check
+       - golang-github-go-git-go-git 5.19.1-1
+       NOTE: 
https://github.com/go-git/go-git/security/advisories/GHSA-crhj-59gh-8x96
 CVE-2026-45570 (go-git is an extensible git implementation library written in 
pure Go. ...)
-       TODO: check
+       - golang-github-go-git-go-git 5.19.1-1
+       NOTE: 
https://github.com/go-git/go-git/security/advisories/GHSA-m7cr-m3pv-hgrp
 CVE-2026-45548 (Budibase is an open-source low-code platform. Prior to 3.34.8, 
the pro ...)
        NOT-FOR-US: Budibase
 CVE-2026-45335 (WeGIA is a web manager for charitable institutions. Prior to 
3.7.3, an ...)
@@ -217,7 +219,8 @@ CVE-2026-45046 (Gryph provides a security layer for AI 
coding agents. Prior to 0
 CVE-2026-45027 (WeGIA is a web manager for charitable institutions. In 
versions prior  ...)
        NOT-FOR-US: WeGIA
 CVE-2026-45022 (go-git is an extensible git implementation library written in 
pure Go. ...)
-       TODO: check
+       - golang-github-go-git-go-git 5.19.1-1
+       NOTE: 
https://github.com/go-git/go-git/security/advisories/GHSA-389r-gv7p-r3rp
 CVE-2026-44988 (LibVNCClient is a library for easy implementation of a VNC 
client. In  ...)
        TODO: check
 CVE-2026-44972 (GuardDog is a CLI tool to identify malicious PyPI packages. 
From 2.6.0 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32426085c334bd42830d8b4d964f467a1d5e8232

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32426085c334bd42830d8b4d964f467a1d5e8232
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add three new go-git issues

Reply via email to