Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
09f09c5f by Salvatore Bonaccorso at 2026-07-03T23:27:48+02:00
Reference upstream commit for CVE-2026-53612
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13161,6 +13161,7 @@ CVE-2026-53612 [Local Privilege Escalation via TOCTOU
in mount(8) hook_owner.c c
[bullseye] - util-linux <not-affected> (Vulnerable code introduced
later)
NOTE:
https://github.com/util-linux/util-linux/security/advisories/GHSA-g8wm-75wr-g2vh
NOTE: Fixed by:
https://github.com/util-linux/util-linux/commit/d0c5adaeb3a3d823aba1377794de8f009b8152cc
(v2.42.2)
+ NOTE: Fixed by:
https://github.com/util-linux/util-linux/commit/897a08c2b11dfa66975c3d24d63c7bf5f5be1a7c
(v2.41.5)
CVE-2026-36849 [Denial of Service via large SamplesPerPixel tag]
- tiff 4.7.1-3 (bug #1140300)
[trixie] - tiff <ignored> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09f09c5fe5798921c6927b62db753a8cf4c68567
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09f09c5fe5798921c6927b62db753a8cf4c68567
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits