Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cb86c059 by Salvatore Bonaccorso at 2026-06-29T22:57:31+02:00
Add two new gzip issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -129,9 +129,11 @@ CVE-2026-49049 (The Helix3 plugin for Joomla exposes an 
ajax handler task, that
 CVE-2026-46406 (Claude Code is an agentic coding tool.  From 2.1.59 until 
2.1.128, the ...)
        NOT-FOR-US: Claude Code
 CVE-2026-41992 (GNU gzip contains a global buffer overflow vulnerability in 
the LZH de ...)
-       TODO: check
+       - gzip <unfixed>
+       NOTE: 
https://cgit.git.savannah.gnu.org/cgit/gzip.git/commit/?id=63dbf6b3b9e6e781df1a6a64e609b10e23969681
 CVE-2026-41991 (GNU gzip contains a vulnerability in the gzexe utility related 
to inse ...)
-       TODO: check
+       - gzip <unfixed>
+       NOTE: 
https://cgit.git.savannah.gnu.org/cgit/gzip.git/commit/?id=4e6f8b24ab823146ab8776f0b7fe486ab34d4269
 CVE-2026-41052 (Improper privilege handling could be used by users withProject 
Owner r ...)
        NOT-FOR-US: Rancher
 CVE-2026-40524 (FrontAccounting before 2.4.20 contains a SQL injection 
vulnerability i ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb86c059de4108841ef50a803922a5880c950c22

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb86c059de4108841ef50a803922a5880c950c22
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to