Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bf625bc4 by Moritz Mühlenhoff at 2026-06-08T20:53:40+02:00
track two keystones originally lined up for spu/ospu
- - - - -
3 changed files:
- data/CVE/list
- data/next-oldstable-point-update.txt
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -34481,8 +34481,8 @@ CVE-2026-40688 (An out-of-bounds write vulnerability
[CWE-787] vulnerability in
CVE-2026-40683 (In OpenStack Keystone before 28.0.1, the LDAP identity backend
does no ...)
{DLA-4611-1}
- keystone 2:29.0.0~rc1-2 (bug #1133884)
- [trixie] - keystone <no-dsa> (Minor issue; can be fixed via point
release)
- [bookworm] - keystone <no-dsa> (Minor issue; can be fixed via point
release)
+ [trixie] - keystone 2:27.0.0-3+deb13u3
+ [bookworm] - keystone 2:22.0.2-0+deb12u2
NOTE: https://review.opendev.org/c/openstack/keystone/+/958205
CVE-2026-40499 (radare2 prior to version 6.1.4 contains a command injection
vulnerabil ...)
[experimental] - radare2 6.1.4+ds-1
@@ -38714,8 +38714,8 @@ CVE-2026-39881 (Vim is an open source, command line
text editor. Prior to 9.2.03
CVE-2026-33551 (An issue was discovered in OpenStack Keystone 14 through 26
before 26. ...)
{DLA-4611-1}
- keystone 2:29.0.0-2 (bug #1133118)
- [trixie] - keystone <no-dsa> (Minor issue)
- [bookworm] - keystone <no-dsa> (Minor issue)
+ [trixie] - keystone 2:27.0.0-3+deb13u3
+ [bookworm] - keystone 2:22.0.2-0+deb12u2
NOTE: https://launchpad.net/bugs/2142138
NOTE: https://www.openwall.com/lists/oss-security/2026/04/07/12
CVE-2026-5747 (An out-of-bounds write issue in the virtio PCI transport in
Firecracke ...)
=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -24,8 +24,6 @@ CVE-2026-25727
[bookworm] - rust-time 0.3.9-1+deb12u1
CVE-2021-37746
[bookworm] - sylpheed 3.8.0~beta1-1+deb12u1
-CVE-2026-33551
- [bookworm] - keystone 2:22.0.2-0+deb12u2
CVE-2026-34956
[bookworm] - openvswitch 3.1.0-2+deb12u2
CVE-2026-42510
@@ -36,10 +34,6 @@ CVE-2026-42997
[bookworm] - ironic 1:21.1.0-3+deb12u1
CVE-2026-44916
[bookworm] - ironic 1:21.1.0-3+deb12u1
-CVE-2026-40683
- [bookworm] - keystone 2:22.0.2-0+deb12u2
-CVE-2026-33551
- [bookworm] - keystone 2:22.0.2-0+deb12u2
CVE-2025-10148
[bookworm] - curl 7.88.1-10+deb12u15
CVE-2025-14524
=====================================
data/next-point-update.txt
=====================================
@@ -10,10 +10,6 @@ CVE-2025-68920
[trixie] - ckermit 416~beta12-1+deb13u1
CVE-2026-32953
[trixie] - golang-github-tillitis-tkeyclient 1.3.0-1~deb13u1
-CVE-2026-33551
- [trixie] - keystone 2:27.0.0-3+deb13u3
-CVE-2026-40683
- [trixie] - keystone 2:27.0.0-3+deb13u3
CVE-2026-34956
[trixie] - openvswitch 3.5.4-1~deb13u1
CVE-2026-35444
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf625bc484d409cae3a3d5580829d41717ede3ca
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf625bc484d409cae3a3d5580829d41717ede3ca
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
