Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e4f539c7 by Salvatore Bonaccorso at 2026-05-29T06:39:10+02:00
Add tracking for rustc for CVE-2026-522{2,3}
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4251,6 +4251,7 @@ CVE-2026-7766 (Kenik Camera management Panel is
vulnerable to Path Traversal vul
CVE-2026-5223 (Cargo incorrectly handled symlinks inside of crate tarballs
downloaded ...)
- cargo <removed>
- rust-cargo <unfixed>
+ - rustc 1.95.0+dfsg1-2
NOTE:
https://groups.google.com/g/rustlang-security-announcements/c/IB74S7Yksg8
NOTE: https://blog.rust-lang.org/2026/05/25/cve-2026-5223/
NOTE:
https://github.com/rust-lang/cargo/commit/285cebf58911eca5b7f177f5d0b1c53e1f646577
@@ -4258,6 +4259,7 @@ CVE-2026-5223 (Cargo incorrectly handled symlinks inside
of crate tarballs downl
CVE-2026-5222 (Cargo between 1.68 and 1.96 incorrectly normalized the URLs of
third-p ...)
- cargo <removed>
- rust-cargo <unfixed>
+ - rustc 1.95.0+dfsg1-2
NOTE:
https://groups.google.com/g/rustlang-security-announcements/c/SfUxOiIdY5s
NOTE: https://blog.rust-lang.org/2026/05/25/cve-2026-5222/
NOTE:
https://github.com/rust-lang/cargo/commit/c4d63a44234de22dc745231c416b80ed848d997f
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4f539c7b84deb6bdad3a1ad3805bdc7070aea9c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4f539c7b84deb6bdad3a1ad3805bdc7070aea9c
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
