Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
afa53689 by Salvatore Bonaccorso at 2026-06-03T07:29:16+02:00
Add references for advisories for libcpanel-json-xs-perl issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1486,11 +1486,13 @@ CVE-2026-9516 [BOM-shift PV-corruption SIGABRT]
- libcpanel-json-xs-perl 4.41-1 (bug #1138273)
[trixie] - libcpanel-json-xs-perl <no-dsa> (Minor issue)
[bookworm] - libcpanel-json-xs-perl <no-dsa> (Minor issue)
+ NOTE: https://lists.security.metacpan.org/cve-announce/msg/40653165/
NOTE: Fixed by:
https://github.com/rurban/Cpanel-JSON-XS/commit/dfe1b41a36caba51dc12a2917fe50285d1ffaa7b
(4.41)
CVE-2026-9334 [dupkeys_as_arrayref type confusion]
- libcpanel-json-xs-perl 4.41-1 (bug #1138273)
[trixie] - libcpanel-json-xs-perl <no-dsa> (Minor issue)
[bookworm] - libcpanel-json-xs-perl <no-dsa> (Minor issue)
+ NOTE: https://lists.security.metacpan.org/cve-announce/msg/40653179/
NOTE: Fixed by:
https://github.com/rurban/Cpanel-JSON-XS/commit/11a7c550a0d8fac2f84414f24d5df9b2bfe346e2
(4.41)
CVE-2026-XXXX [Attacker-controlled heap out-of-bounds write in libvncclient
Tight decoder]
- libvncserver <unfixed> (bug #1138253)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/afa53689b7d71a748d0e6ee66097e62433323b05
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/afa53689b7d71a748d0e6ee66097e62433323b05
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
