Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
92f87ea0 by Salvatore Bonaccorso at 2026-07-03T20:19:22+02:00
Add CVE-2026-38969/ruby-webrick
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101,7 +101,9 @@ CVE-2026-38971 (ardupilot through Plane-4.6.3 was found to
contain an out-of-bou
CVE-2026-38970 (pdfcpu through v0.11.1 contains an uncontrolled-recursion
denial-of-se ...)
NOT-FOR-US: pdfcpu
CVE-2026-38969 (ruby webrick through v1.9.2 WEBrick reparses trailer
Content-Length in ...)
- TODO: check
+ - ruby-webrick <unfixed>
+ NOTE: https://github.com/ruby/webrick/issues/198
+ NOTE: https://github.com/ruby/webrick/pull/199
CVE-2026-38968 (ntopng through 6.6 is vulnerable to Predictable Session
Identifier whi ...)
TODO: check
CVE-2026-26145 (Improper access control in Azure Synapse allows an authorized
attacker ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92f87ea0183506c4bdcf627407c724bc411a85b3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92f87ea0183506c4bdcf627407c724bc411a85b3
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits