Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ab788d40 by Salvatore Bonaccorso at 2026-06-24T08:16:30+02:00 Add first batch of new curl issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,37 @@ +CVE-2026-10536 + - curl 8.21.0~rc2-1 + NOTE: https://curl.se/docs/CVE-2026-10536.html + NOTE: Introduced with: https://github.com/curl/curl/commit/71b7e0161032927cdfb4e75ea40f65b8898b3956 (curl-7_88_0) + NOTE: Fixed by: https://github.com/curl/curl/commit/bfbff7852f050232edd3e5ca5c6bf2021c340f5a (rc-8_21_0-1, curl-8_21_0) +CVE-2026-11352 + - curl 8.21.0~rc2-1 + [trixie] - curl <not-affected> (Vulnerable code not present) + [bookworm] - curl <not-affected> (Vulnerable code not present) + [bullseye] - curl <not-affected> (Vulnerable code not present) + NOTE: https://curl.se/docs/CVE-2026-11352.html + NOTE: Introduced with: https://github.com/curl/curl/commit/6a3d0b6d631d5e9bec797306b5b41a9f440a088d (curl-8_18_0) + NOTE: Fixed by: https://github.com/curl/curl/commit/56eca2afb4806f1032872fa97d1834b3c1385276 (rc-8_21_0-2, curl-8_21_0) +CVE-2026-11564 + - curl 8.21.0~rc2-1 + [trixie] - curl <not-affected> (Vulnerable code not present) + [bookworm] - curl <not-affected> (Vulnerable code not present) + [bullseye] - curl <not-affected> (Vulnerable code not present) + NOTE: https://curl.se/docs/CVE-2026-11564.html + NOTE: Introduced with: https://github.com/curl/curl/commit/eefd03c572996e5de4dec4fe295ad6f103e0eefc (curl-8_17_0) + NOTE: Fixed by: https://github.com/curl/curl/commit/d69bfad3fa3daf5e72331f6870667607828d5891 (rc-8_21_0-2, curl-8_21_0) +CVE-2026-11586 + - curl 8.21.0~rc3-1 + [trixie] - curl <not-affected> (Vulnerable code not present) + [bookworm] - curl <not-affected> (Vulnerable code not present) + [bullseye] - curl <not-affected> (Vulnerable code not present) + NOTE: https://curl.se/docs/CVE-2026-11586.html + NOTE: Introduced with: https://github.com/curl/curl/commit/0b091328773c64e23f5c4739da74527093c6a5ab (curl-8_16_0) + NOTE: Fixed by: https://github.com/curl/curl/commit/849317ff5c5a5e13f50ec3d001e46ddffa77d8a4 (rc-8_21_0-3, curl-8_21_0) +CVE-2026-11856 + - curl 8.21.0~rc3-1 + NOTE: https://curl.se/docs/CVE-2026-11856.html + NOTE: Introduced with: https://github.com/curl/curl/commit/334d78cd18a7310144383929bdcef34ffbf6159b (curl-7_10_6) + NOTE: Fixed by: https://github.com/curl/curl/commit/5c6b4880357ab3e72967c1c45cae0f96ffabc535 (rc-8_21_0-3, curl-8_21_0) CVE-2026-12064 - curl 8.21.0~rc3-1 NOTE: https://curl.se/docs/CVE-2026-12064.html View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab788d40287edd559d299531a8f6cb9da5747f50 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab788d40287edd559d299531a8f6cb9da5747f50 You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
