Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
13f68a2d by Salvatore Bonaccorso at 2026-07-03T08:19:52+02:00
Add Debian bug reference for CVE-2026-57585
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1379,7 +1379,7 @@ CVE-2026-57962 (A malicious LDAP server, which a
Thunderbird user is configured
[trixie] - thunderbird <postponed> (Minor issue, wait for next security
round)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-64/#CVE-2026-57962
CVE-2026-57585 (MessagePack is the serializer implementation for Python
msgpack.org. P ...)
- - python-msgpack <unfixed>
+ - python-msgpack <unfixed> (bug #1141340)
NOTE:
https://github.com/msgpack/msgpack-python/security/advisories/GHSA-6v7p-g79w-8964
NOTE: Fixed by:
https://github.com/msgpack/msgpack-python/commit/2c56ddb5d0025ed481d962c0f5d62d19dec7476d
(v1.2.1)
CVE-2026-57204 (pypdf is a free and open-source pure-python PDF library. Prior
to 6.13 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13f68a2d41bb6fcf9e6b555a80abc7ed1a602877
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13f68a2d41bb6fcf9e6b555a80abc7ed1a602877
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits