Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c73b2d8d by Salvatore Bonaccorso at 2026-07-02T08:34:16+02:00
Add references from 2.14.9 version for icigna2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,6 +3,7 @@ CVE-2026-XXXX [GHSA-jgqj-x5j9-vgcm: Icinga 2 DSL Injection via
Unescaped Import
NOTE:
https://github.com/Icinga/icinga2/security/advisories/GHSA-jgqj-x5j9-vgcm
NOTE: https://icinga.com/blog/icinga2-security-release-v2-16-2/
NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/af4b36e6464b9b214bed270a53d6474cf91eb441
(v2.16.2)
+ NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/eec0d90e8303376fe772b3e4a04e3b064a44cf30
(v2.14.9)
CVE-2026-XXXX [GHSA-wh38-wg57-5w7g: Stack overflow via deeply nested JSON
objects]
- icinga2 2.16.2-1
NOTE:
https://github.com/Icinga/icinga2/security/advisories/GHSA-wh38-wg57-5w7g
@@ -15,11 +16,20 @@ CVE-2026-XXXX [GHSA-wh38-wg57-5w7g: Stack overflow via
deeply nested JSON object
NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/77effd5bbbbf4e4b376b8a642ba5869ddd0bd416
(v2.16.2)
NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/5288e833419d339c49c9f4f53ea41a008ae6c771
(v2.16.2)
NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/f5b02b4885ff075b1ae5f8c0896878491fce1e10
(v2.16.2)
+ NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/391504eaa9ed9aee81f84008c57ec821974b74ee
(v2.14.9)
+ NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/6382675448bd28ca798e5d55d9a2306ad55ae509
(v2.14.9)
+ NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/5bf588369d90d72184da526528d8783ea6bf8e08
(v2.14.9)
+ NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/011c831632ed34c1f4ae33c3c9a72945b5e340c4
(v2.14.9)
+ NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/2d3277799cf16b7546156f1b8e8db0df2604a14f
(v2.14.9)
+ NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/69093a8ae0f09bbef8f589cbc67f131f167e5aa3
(v2.14.9)
+ NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/221d3fa9a66c248bc478220e4a73e1be661dd449
(v2.14.9)
+ NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/e23a3eb42d791f27c1073b56769800fe12156425
(v2.14.9)
CVE-2026-XXXX [GHSA-vj39-ww8j-vvx5: Improper access control for JSON-RPC
update certificate messages]
- icinga2 2.16.2-1
NOTE:
https://github.com/Icinga/icinga2/security/advisories/GHSA-vj39-ww8j-vvx5
NOTE: https://icinga.com/blog/icinga2-security-release-v2-16-2/
NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/a6f7cc7a4ef8beed023b24416106822d6940c4c0
(v2.16.2)
+ NOTE: Fixed by:
https://github.com/Icinga/icinga2/commit/4b7fb3405f4616a24b2b55e20f603a56b7dd6ad0
(v2.14.9)
CVE-2026-8857 (A vulnerability in Wikimedia Foundation timeline. This
vulnerability ...)
NOT-FOR-US: MediaWiki extensions/skins not packaged in Debian
CVE-2026-8480 (A vulnerability was discovered on Stormshield Network Security
4.3.0 t ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c73b2d8d2104beab3bc1a05f162a1794b30f3bad
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c73b2d8d2104beab3bc1a05f162a1794b30f3bad
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
