Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c73b2d8d by Salvatore Bonaccorso at 2026-07-02T08:34:16+02:00
Add references from 2.14.9 version for icigna2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,6 +3,7 @@ CVE-2026-XXXX [GHSA-jgqj-x5j9-vgcm: Icinga 2 DSL Injection via 
Unescaped Import
        NOTE: 
https://github.com/Icinga/icinga2/security/advisories/GHSA-jgqj-x5j9-vgcm
        NOTE: https://icinga.com/blog/icinga2-security-release-v2-16-2/
        NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/af4b36e6464b9b214bed270a53d6474cf91eb441
 (v2.16.2)
+       NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/eec0d90e8303376fe772b3e4a04e3b064a44cf30
 (v2.14.9)
 CVE-2026-XXXX [GHSA-wh38-wg57-5w7g: Stack overflow via deeply nested JSON 
objects]
        - icinga2 2.16.2-1
        NOTE: 
https://github.com/Icinga/icinga2/security/advisories/GHSA-wh38-wg57-5w7g
@@ -15,11 +16,20 @@ CVE-2026-XXXX [GHSA-wh38-wg57-5w7g: Stack overflow via 
deeply nested JSON object
        NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/77effd5bbbbf4e4b376b8a642ba5869ddd0bd416
 (v2.16.2)
        NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/5288e833419d339c49c9f4f53ea41a008ae6c771
 (v2.16.2)
        NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/f5b02b4885ff075b1ae5f8c0896878491fce1e10
 (v2.16.2)
+       NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/391504eaa9ed9aee81f84008c57ec821974b74ee
 (v2.14.9)
+       NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/6382675448bd28ca798e5d55d9a2306ad55ae509
 (v2.14.9)
+       NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/5bf588369d90d72184da526528d8783ea6bf8e08
 (v2.14.9)
+       NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/011c831632ed34c1f4ae33c3c9a72945b5e340c4
 (v2.14.9)
+       NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/2d3277799cf16b7546156f1b8e8db0df2604a14f
 (v2.14.9)
+       NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/69093a8ae0f09bbef8f589cbc67f131f167e5aa3
 (v2.14.9)
+       NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/221d3fa9a66c248bc478220e4a73e1be661dd449
 (v2.14.9)
+       NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/e23a3eb42d791f27c1073b56769800fe12156425
 (v2.14.9)
 CVE-2026-XXXX [GHSA-vj39-ww8j-vvx5: Improper access control for JSON-RPC 
update certificate messages]
        - icinga2 2.16.2-1
        NOTE: 
https://github.com/Icinga/icinga2/security/advisories/GHSA-vj39-ww8j-vvx5
        NOTE: https://icinga.com/blog/icinga2-security-release-v2-16-2/
        NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/a6f7cc7a4ef8beed023b24416106822d6940c4c0
 (v2.16.2)
+       NOTE: Fixed by: 
https://github.com/Icinga/icinga2/commit/4b7fb3405f4616a24b2b55e20f603a56b7dd6ad0
 (v2.14.9)
 CVE-2026-8857 (A vulnerability in Wikimedia Foundation timeline.   This 
vulnerability ...)
        NOT-FOR-US: MediaWiki extensions/skins not packaged in Debian
 CVE-2026-8480 (A vulnerability was discovered on Stormshield Network Security 
4.3.0 t ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c73b2d8d2104beab3bc1a05f162a1794b30f3bad

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c73b2d8d2104beab3bc1a05f162a1794b30f3bad
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to