Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
49a64828 by Salvatore Bonaccorso at 2026-07-05T15:50:59+02:00
Track proposed update for python-msgpack via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2181,7 +2181,7 @@ CVE-2026-57962 (A malicious LDAP server, which a
Thunderbird user is configured
[trixie] - thunderbird <postponed> (Minor issue, wait for next security
round)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-64/#CVE-2026-57962
CVE-2026-57585 (MessagePack is the serializer implementation for Python
msgpack.org. P ...)
- - python-msgpack <unfixed> (bug #1141340)
+ - python-msgpack 1.1.2-3 (bug #1141340)
NOTE:
https://github.com/msgpack/msgpack-python/security/advisories/GHSA-6v7p-g79w-8964
NOTE: Fixed by:
https://github.com/msgpack/msgpack-python/commit/2c56ddb5d0025ed481d962c0f5d62d19dec7476d
(v1.2.1)
CVE-2026-57204 (pypdf is a free and open-source pure-python PDF library. Prior
to 6.13 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49a6482818544febf3d1e510d8d8283e833d57bb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49a6482818544febf3d1e510d8d8283e833d57bb
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits