Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d9cb8400 by Moritz Muehlenhoff at 2026-06-13T00:39:37+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,20 +1,20 @@
CVE-2026-XXXX [RUSTSEC-2026-0172]
- - rust-diesel <unfixed>
+ - rust-diesel <unfixed> (bug #1139877)
[trixie] - rust-diesel <no-dsa> (Minor issue)
NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0172.html
NOTE:
https://github.com/diesel-rs/diesel/commit/1bc2ea46d9840e8d9af844239d3c84f37fe7d84b
CVE-2026-XXXX [RUSTSEC-2026-0180]
- - rust-postgres-protocol <unfixed>
+ - rust-postgres-protocol <unfixed> (bug #1139876)
[trixie] - rust-postgres-protocol <no-dsa> (Minor issue)
NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0180.html
NOTE:
https://github.com/rust-postgres/rust-postgres/commit/a7cf84b5c46431cbca9d8ff50508c23f446efa7d
(postgres-protocol-v0.6.12)
CVE-2026-XXXX [RUSTSEC-2026-0179]
- - rust-postgres-protocol <unfixed>
+ - rust-postgres-protocol <unfixed> (bug #1139876)
[trixie] - rust-postgres-protocol <no-dsa> (Minor issue)
NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0179.html
NOTE:
https://github.com/rust-postgres/rust-postgres/commit/d40097a36a85068ea50a3afbf0ce154ba439e7f0
(postgres-protocol-v0.6.12)
CVE-2026-XXXX [RUSTSEC-2026-0177]
- - rust-pyo3 <unfixed>
+ - rust-pyo3 <unfixed> (bug #1139875)
[trixie] - rust-pyo3 <no-dsa> (Minor issue)
NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0177.html
NOTE: https://github.com/PyO3/pyo3/pull/6096
@@ -268,7 +268,7 @@ CVE-2026-44976 (Frappe is a full-stack web application
framework. Prior to versi
CVE-2026-44975 (Frappe is a full-stack web application framework. Prior to
versions 15 ...)
NOT-FOR-US: Frappe
CVE-2026-44967 (OpenTelemetry-cpp is the C++ implementation of OpenTelemetry.
Prior to ...)
- - opentelemetry-cpp <unfixed>
+ - opentelemetry-cpp <unfixed> (bug #1139879)
NOTE:
https://github.com/open-telemetry/opentelemetry-cpp/security/advisories/GHSA-5qhm-4rfp-qqvj
NOTE: https://github.com/open-telemetry/opentelemetry-cpp/issues/3958
NOTE: https://github.com/open-telemetry/opentelemetry-cpp/pull/4078
@@ -969,7 +969,7 @@ CVE-2026-10795 (The UpdraftPlus: WP Backup & Migration
Plugin plugin for WordPre
CVE-2026-10733 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
NOT-FOR-US: GitLab (used to be packaged in the Debian archive as
src:gitlab, but never in a stable release)
CVE-2026-10142 (kafka-python prior to 2.3.2 contains a denial-of-service
vulnerability ...)
- - python-kafka <unfixed>
+ - python-kafka <unfixed> (bug #1139878)
NOTE: https://github.com/dpkp/kafka-python/pull/3019
NOTE: https://github.com/dpkp/kafka-python/pull/3026
NOTE: Fixed by:
https://github.com/dpkp/kafka-python/commit/6e4831444f972d169cdd11f5c8d50333cea3f19b
(3.0.0)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9cb8400ed8f4b1f9dcb9fe410471a2738ecec3f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9cb8400ed8f4b1f9dcb9fe410471a2738ecec3f
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
