Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5d469193 by Salvatore Bonaccorso at 2026-07-03T20:23:55+02:00
Add CVE-2026-44941/libzypp

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -485,7 +485,8 @@ CVE-2026-4767 (Missing authentication for critical function 
vulnerability in TR7
 CVE-2026-49779 (Customer Path Traversal in Tax Exempt for WooCommerce <= 1.9.3 
version ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-44941 (A relative path traversal in the "keyhint" option in 
repomd.xml parsin ...)
-       TODO: check
+       - libzypp 17.38.12-1
+       NOTE: Fixed by: 
https://github.com/openSUSE/libzypp/commit/294b1bad442d089ca671c5c03adc8031e3b29e04
 (17.38.12)
 CVE-2026-44935 (Missing validation of "valuesFrom" references in Helm Deployer 
of SUSE ...)
        NOT-FOR-US: Rancher Fleet
 CVE-2026-42382 (Unauthenticated Local File Inclusion in Audrey <= 1.5 
versions.)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d4691934c2f72b2c6e8502d3cce50c6f26cff80

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d4691934c2f72b2c6e8502d3cce50c6f26cff80
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to