Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
544e850e by Salvatore Bonaccorso at 2026-07-07T21:39:35+02:00
Mark trixie as no-dsa for dcmtk issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3217,6 +3217,7 @@ CVE-2026-54500 (Oj (Optimized JSON) is a JSON parser and 
Object marshaller packa
        NOTE: 
https://github.com/ohler55/oj/security/advisories/GHSA-fm7p-mprw-wjm9
 CVE-2026-52868 (An unauthenticated attacker can read worklist records from a 
directory ...)
        - dcmtk 3.7.0+really3.7.0-7 (bug #1141411)
+       [trixie] - dcmtk <no-dsa> (Minor issue; exposing first in unstable, 
then via proposed-updates)
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=e3878daf870cd2db50eadfde38615f0afae8a584
 CVE-2026-52198 (Buffer Overflow vulnerability in UTT nv518G 
nv518GV3v3.2.7-210919-1613 ...)
        NOT-FOR-US: UTT
@@ -3230,6 +3231,7 @@ CVE-2026-52193 (Buffer Overflow vulnerability in UTT 
nv518G nv518GV3v3.2.7-21091
        NOT-FOR-US: UTT
 CVE-2026-50254 (An unauthenticated remote attacker can repeatedly send a 
single crafte ...)
        - dcmtk 3.7.0+really3.7.0-7 (bug #1141411)
+       [trixie] - dcmtk <no-dsa> (Minor issue; exposing first in unstable, 
then via proposed-updates)
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=23f181f7a3cb8334056f751a3a0c2ddf01046752
 CVE-2026-50110 (Storage Concentrator (SC & SCVM) contains hardcoded 
credentials for nu ...)
        NOT-FOR-US: Storage Concentrator
@@ -3237,9 +3239,11 @@ CVE-2026-50040 (Storage Concentrator (SC & SCVM) is 
vulnerable to reflected cros
        NOT-FOR-US: Storage Concentrator
 CVE-2026-50003 (A malicious or compromised server can make a DCMTK client 
using bit-pr ...)
        - dcmtk 3.7.0+really3.7.0-7 (bug #1141411)
+       [trixie] - dcmtk <no-dsa> (Minor issue; exposing first in unstable, 
then via proposed-updates)
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=eca9a03dda7d4fc1faa7e5a6dac9617938cf5803
 CVE-2026-44628 (An unauthenticated attacker can crash the worklist server with 
a singl ...)
        - dcmtk 3.7.0+really3.7.0-7 (bug #1141411)
+       [trixie] - dcmtk <no-dsa> (Minor issue; exposing first in unstable, 
then via proposed-updates)
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=f4e0074682645b1a4289d62581926c4394d5c6d5
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=694a0a06a38015ce768fa161a62b148189f84959
 CVE-2026-44042 (UltraVNC repeater through 1.8.2.2 contains an off-by-one error 
in the  ...)
@@ -3255,6 +3259,7 @@ CVE-2026-37106 (An issue in DokuWiki 2025-05-14b 
"Librarian" 56.2 allows a remot
        NOTE: https://github.com/dokuwiki/dokuwiki/issues/4682
 CVE-2026-35505 (An unauthenticated remote attacker can repeatedly send crafted 
connect ...)
        - dcmtk 3.7.0+really3.7.0-7 (bug #1141411)
+       [trixie] - dcmtk <no-dsa> (Minor issue; exposing first in unstable, 
then via proposed-updates)
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=2312891a8d058c862e00bcbd636e5da26308658a
 CVE-2026-2387 (The Event Organiser plugin for WordPress is vulnerable to 
Stored Cross ...)
        NOT-FOR-US: WordPress plugin



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/544e850efd8f9f191b361fbb7d56482d26d2c646

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/544e850efd8f9f191b361fbb7d56482d26d2c646
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to