[Git][security-tracker-team/security-tracker][master] Add new mpd issues

Fri, 29 May 2026 00:33:37 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ee180482 by Salvatore Bonaccorso at 2026-05-29T09:32:46+02:00
Add new mpd issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -296,13 +296,21 @@ CVE-2026-49299 (In OpenStack Neutron before 28.0.1, the 
tagging controller enfor
        - neutron 2:28.0.0-4 (bug #1138172)
        NOTE: https://security.openstack.org/ossa/OSSA-2026-016.html
 CVE-2026-49130 (Music Player Daemon (MPD) before version 0.24.11 contains a 
CRLF injec ...)
-       TODO: check
+       - mpd <unfixed>
+       NOTE: https://github.com/MusicPlayerDaemon/MPD/issues/2483
+       NOTE: Fixed by: 
https://github.com/MusicPlayerDaemon/MPD/commit/855085b35c67dddeef0652e2cb3ac8cdd4f457b7
 (v0.24.11)
 CVE-2026-49129 (Music Player Daemon (MPD) before version 0.24.11 contains a 
server-sid ...)
-       TODO: check
+       - mpd <unfixed>
+       NOTE: https://github.com/MusicPlayerDaemon/MPD/issues/2487
+       NOTE: Fixed by: 
https://github.com/MusicPlayerDaemon/MPD/commit/78341dd6c7b101c3feede233d4cc4f8f1fcc4bb3
 (v0.24.11)
 CVE-2026-49128 (Music Player Daemon (MPD) before version 0.24.11 contains a 
path trave ...)
-       TODO: check
+       - mpd <unfixed>
+       NOTE: https://github.com/MusicPlayerDaemon/MPD/issues/2484
+       NOTE: Fixed by: 
https://github.com/MusicPlayerDaemon/MPD/commit/0b5315b9e5a42cb0e88bf46a7579bb5641543f60
 (v0.24.11)
 CVE-2026-49127 (Music Player Daemon (MPD) before version 0.24.11 contains a 
stack buff ...)
-       TODO: check
+       - mpd <unfixed>
+       NOTE: https://github.com/MusicPlayerDaemon/MPD/issues/2485
+       NOTE: Fixed by: 
https://github.com/MusicPlayerDaemon/MPD/commit/59911028c020f84bc2e669da6a1ef88121301274
 (v0.24.11)
 CVE-2026-49095 (Improper Input Validation (CWE-20) in the Kibana Fleet agent 
policy ma ...)
        TODO: check
 CVE-2026-49094 (Uncontrolled Resource Consumption (CWE-400) in Kibana can lead 
to deni ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee180482b8d0c88473880549a8510f96aecde4e8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee180482b8d0c88473880549a8510f96aecde4e8
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to