Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
92f87ea0 by Salvatore Bonaccorso at 2026-07-03T20:19:22+02:00
Add CVE-2026-38969/ruby-webrick

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -101,7 +101,9 @@ CVE-2026-38971 (ardupilot through Plane-4.6.3 was found to 
contain an out-of-bou
 CVE-2026-38970 (pdfcpu through v0.11.1 contains an uncontrolled-recursion 
denial-of-se ...)
        NOT-FOR-US: pdfcpu
 CVE-2026-38969 (ruby webrick through v1.9.2 WEBrick reparses trailer 
Content-Length in ...)
-       TODO: check
+       - ruby-webrick <unfixed>
+       NOTE: https://github.com/ruby/webrick/issues/198
+       NOTE: https://github.com/ruby/webrick/pull/199
 CVE-2026-38968 (ntopng through 6.6 is vulnerable to Predictable Session 
Identifier whi ...)
        TODO: check
 CVE-2026-26145 (Improper access control in Azure Synapse allows an authorized 
attacker ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92f87ea0183506c4bdcf627407c724bc411a85b3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92f87ea0183506c4bdcf627407c724bc411a85b3
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to