Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3affc0de by Salvatore Bonaccorso at 2026-06-28T14:03:18+02:00
Update status for CVE-2026-57918/libnfs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -586,9 +586,9 @@ CVE-2026-57921 (In JetBrains YouTrack before 2026.2.16593 
improper access contro
 CVE-2026-57920 (Peplink InControl 2 through 2.14.2 before 2026-06-03 allows 
use of a s ...)
        NOT-FOR-US: Peplink InControl
 CVE-2026-57918 (libnfs through 6.0.2 before 935b8db has an xid integer 
underflow in RE ...)
-       - libnfs <unfixed>
-       [trixie] - libnfs <no-dsa> (Minor issue)
-       NOTE: 
https://github.com/sahlberg/libnfs/commit/935b8db712b3c6649bc57ddc276526c4a31680de
+       - libnfs <not-affected> (Vulnerable code not present)
+       NOTE: Introduced with: 
https://github.com/sahlberg/libnfs/commit/5e8f7ce273308eb77f94248f4501e574a703c1a5
 (libnfs-6.0.0)
+       NOTE: Fixed by: 
https://github.com/sahlberg/libnfs/commit/935b8db712b3c6649bc57ddc276526c4a31680de
 CVE-2026-57915 (It is possible to bypass the Kerberos pre-authentication check 
in Apac ...)
        NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-57914 (By sending a deeply nested ASN1 structure to a Apache Kerby 
client or  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3affc0de25cc8296340769dfbb47391664543a44

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3affc0de25cc8296340769dfbb47391664543a44
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to