[Git][security-tracker-team/security-tracker][master] 2 commits: lts: add prometheus to dla-needed

Sun, 31 May 2026 18:31:23 -0700 


Daniel Leidert pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
964d4b86 by Daniel Leidert at 2026-06-01T03:30:02+02:00
lts: add prometheus to dla-needed

- - - - -
221628ee by Daniel Leidert at 2026-06-01T03:30:17+02:00
Add patch link for CVE-2026-41401/libyang

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -5484,7 +5484,7 @@ CVE-2026-41401 (libyang before 5.2.6 contains a heap 
use-after-free write vulner
        - libyang <unfixed>
        - libyang2 <removed>
        NOTE: 
https://github.com/CESNET/libyang/security/advisories/GHSA-9f49-8x56-jmjc
-       TODO: research fixing commit in 5.2.6, but there is no such release in 
https://github.com/CESNET/libyang/releases/tag/v5.2.6
+       NOTE: Fixed by: 
https://github.com/CESNET/libyang/commit/54c3276d871023da266d4ed3ceaee7e8d71d0b04
 (5.4.3)
 CVE-2026-41164 (nuts-node is the reference implementation of the Nuts 
specification. P ...)
        TODO: check
 CVE-2026-40564 (Files or Directories Accessible to External Parties, 
Server-Side Reque ...)


=====================================
data/dla-needed.txt
=====================================
@@ -476,6 +476,10 @@ proftpd-dfsg
   NOTE: 20260511: https://lists.debian.org/debian-lts/2026/05/msg00015.html
   NOTE: 20260511: 
https://salsa.debian.org/debian-proftpd-team/proftpd/-/commits/bullseye
 --
+prometheus
+  NOTE: 20260601: Added by Front-Desk (dleidert)
+  NOTE: 20260601: Follow DSA or support secteam with DSA (dleidert/front-desk)
+--
 prosody
   NOTE: 20260511: Added by Front-Desk (dleidert)
   NOTE: 20260511: Follow DSA 6252-1 fixing 4 CVEs (dleidert/front-desk)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ef750c149bbedf3036638d3d1e8aad2f1e3016d4...221628ee46d387fb68e0700f175cb8fa3b813c3b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ef750c149bbedf3036638d3d1e8aad2f1e3016d4...221628ee46d387fb68e0700f175cb8fa3b813c3b
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to