Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
56f1c77b by Salvatore Bonaccorso at 2026-06-05T21:15:12+02:00
Add Debian bug references for rlottie issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1130,7 +1130,7 @@ CVE-2026-49837
[bullseye] - gobgp <postponed> (Limited support)
NOTE:
https://github.com/osrg/gobgp/security/advisories/GHSA-gjrg-jjr3-56cm
CVE-2026-8916 (Out-of-bounds write vulnerability in Samsung Open Source
rlottie allow ...)
- - rlottie <unfixed>
+ - rlottie <unfixed> (bug #1138916)
NOTE: https://github.com/Samsung/rlottie/pull/589
NOTE:
https://github.com/Samsung/rlottie/commit/ffe60942892c3d68b14560761ea920d360ef51bb
CVE-2026-8762
@@ -1195,7 +1195,7 @@ CVE-2026-4104 (Authorization bypass through
User-Controlled SQL primary key vuln
CVE-2026-49771 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-49510 (Integer overflow or wraparound vulnerability in Samsung Open
Source rl ...)
- - rlottie <unfixed>
+ - rlottie <unfixed> (bug #1138921)
NOTE: https://github.com/Samsung/rlottie/pull/592
CVE-2026-49204 (Leftover debug modules contain fixed credentials for internal
AWS Cogn ...)
NOT-FOR-US: Acer
@@ -1234,18 +1234,18 @@ CVE-2026-47707 (Strawberry GraphQL is a library for
creating GraphQL APIs. In ve
CVE-2026-47706 (Strawberry GraphQL is a library for creating GraphQL APIs. In
versions ...)
NOT-FOR-US: Strawberry GraphQL
CVE-2026-47320 (Access of uninitialized pointer, Uncontrolled Recursion
vulnerability ...)
- - rlottie <unfixed>
+ - rlottie <unfixed> (bug #1138920)
NOTE: https://github.com/Samsung/rlottie/pull/593
CVE-2026-47319 (Memory allocation with excessive size value vulnerability in
Samsung O ...)
- - rlottie <unfixed>
+ - rlottie <unfixed> (bug #1138919)
NOTE: https://github.com/Samsung/rlottie/pull/588
NOTE:
https://github.com/Samsung/rlottie/commit/5def9f402b1cb5b09f52655e414f0afba4ffd959
CVE-2026-47318 (Stack-based buffer overflow vulnerability in Samsung Open
Source rlott ...)
- - rlottie <unfixed>
+ - rlottie <unfixed> (bug #1138918)
NOTE: https://github.com/Samsung/rlottie/pull/582
NOTE:
https://github.com/Samsung/rlottie/commit/9e4f354f6ebdf294738ef7abf1728f40889c2c51
CVE-2026-47306 (Uncontrolled Recursion vulnerability in Samsung Open Source
rlottie al ...)
- - rlottie <unfixed>
+ - rlottie <unfixed> (bug #1138917)
NOTE: https://github.com/Samsung/rlottie/pull/585
NOTE:
https://github.com/Samsung/rlottie/commit/1cda06022e53206c230fb0c6e38b2adaea729a5d
CVE-2026-45739 (Strawberry GraphQL is a library for creating GraphQL APIs. In
versions ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56f1c77b7894d0c1e112a7b36838cf1fe4ff66e9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56f1c77b7894d0c1e112a7b36838cf1fe4ff66e9
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
