Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
785ff9ea by Moritz Muehlenhoff at 2026-07-06T10:29:25+02:00
trixie triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -270,6 +270,7 @@ CVE-2026-14570 (Crypt::DSA versions before 1.22 for Perl 
draw the DSA signing no
        NOTE: https://lists.security.metacpan.org/cve-announce/msg/41542402/
 CVE-2026-14647 (A weakness has been identified in onnx up to 1.21.x. This 
vulnerabilit ...)
        - onnx <unfixed>
+       [trixie] - onnx <no-dsa> (Minor issue)
        NOTE: https://github.com/onnx/onnx/issues/8036
        NOTE: https://github.com/onnx/onnx/pull/8051
        NOTE: Fixed by: 
https://github.com/onnx/onnx/commit/a7bf3a0f1d18bb62575236ef6e4944980c40e045
@@ -1280,6 +1281,7 @@ CVE-2026-39448 (Unauthenticated Broken Access Control in 
NOWPayments for WooComm
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-33592 (An unauthenticated remote attacker can exhaust server memory 
via the F ...)
        - open62541 <unfixed> (bug #1141441)
+       [trixie] - open62541 <no-dsa> (Minor issue)
        NOTE: https://github.com/open62541/open62541/pull/8142
        NOTE: Fixed by: 
https://github.com/open62541/open62541/commit/c9563e8ea4a8db2f64059c8ff7efe0b49a35bea3
 (v1.4.17)
 CVE-2026-27436 (Editor Arbitrary Code Execution in Five Star Business Profile 
and Sche ...)
@@ -1338,6 +1340,7 @@ CVE-2026-12122 (The Kirki \u2013 Freeform Page Builder, 
Website Builder & Custom
        NOT-FOR-US: WordPress plugin
 CVE-2026-11946 (An unauthenticated remote attacker can exhaust server memory 
via the G ...)
        - open62541 <unfixed> (bug #1141441)
+       [trixie] - open62541 <no-dsa> (Minor issue)
        NOTE: https://github.com/open62541/open62541/pull/8142
        NOTE: Fixed by: 
https://github.com/open62541/open62541/commit/c9563e8ea4a8db2f64059c8ff7efe0b49a35bea3
 (v1.4.17)
 CVE-2026-11896 (The My Calendar \u2013 Accessible Event Manager plugin for 
WordPress i ...)
@@ -4477,11 +4480,13 @@ CVE-2026-4629 (A flaw was found in Keycloak. A highly 
privileged user with `mana
 CVE-2026-4360 (In the Tarfile.extract() function, the filter parameter is not 
passed  ...)
        - python3.14 <unfixed>
        - python3.13 <unfixed>
+       [trixie] - python3.13 <no-dsa> (Minor issue)
        - python3.11 <removed>
        - python3.9 <removed>
        - python2.7 <removed>
        [bullseye] - python2.7 <end-of-life> (EOL in bullseye LTS)
        - jython <unfixed>
+       [trixie] - jython <no-dsa> (Minor issue)
        [bullseye] - jython <end-of-life> (EOL in bullseye LTS)
        - pypy3 <unfixed> (bug #1141531)
        [trixie] - pypy3 <no-dsa> (Minor issue)


=====================================
data/dsa-needed.txt
=====================================
@@ -82,6 +82,8 @@ perl (carnil)
 --
 prometheus
 --
+python-msgpack
+--
 redis
 --
 rsync



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/785ff9ea52158cd8222869d6b0f3dd951d96206e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/785ff9ea52158cd8222869d6b0f3dd951d96206e
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to