Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d1655ed6 by Salvatore Bonaccorso at 2026-07-08T05:57:25+02:00
Track fixed version for vim issues via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7613,15 +7613,15 @@ CVE-2026-57533 (Malicious HTML content could be 
injected into the page pretix sh
 CVE-2026-57532 (Malicious HTML content contained in the layout specification 
of a PDF  ...)
        NOT-FOR-US: rami.io products
 CVE-2026-57456 (Vim is an open source, command line text editor. Prior to 
9.2.0699, Vi ...)
-       - vim <unfixed> (bug #1140775)
+       - vim 2:9.2.0782-1 (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-ppj8-wqjf-6fp3
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/cce141c42740f122dd8486ae04e21c2a81016ba8 
(v9.2.0699)
 CVE-2026-57455 (Vim is an open source, command line text editor. Prior to 
9.2.0698, th ...)
-       - vim <unfixed> (bug #1140775)
+       - vim 2:9.2.0782-1 (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-q8mh-6qm3-25g4
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/497f931f85339d175d7f69588dd249e8ccfed41b 
(v9.2.0698)
 CVE-2026-57454 (Vim is an open source, command line text editor. From 9.2.0320 
until 9 ...)
-       - vim <unfixed> (bug #1140775)
+       - vim 2:9.2.0782-1 (bug #1140775)
        [trixie] - vim <not-affected> (Vulnerable code not present)
        [bookworm] - vim <not-affected> (Vulnerable code not present)
        [bullseye] - vim <not-affected> (Vulnerable code not present)
@@ -7629,15 +7629,15 @@ CVE-2026-57454 (Vim is an open source, command line 
text editor. From 9.2.0320 u
        NOTE: Introduced with: 
https://github.com/vim/vim/commit/ff41e9d853ef3e366575e375d8c40cf11d5e331b 
(v9.2.0320)
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/b3faeecc976d3031d7c0675623516ec60c30f949 
(v9.2.0679)
 CVE-2026-57453 (Vim is an open source, command line text editor. From 9.1.1784 
until 9 ...)
-       - vim <unfixed> (bug #1140775)
+       - vim 2:9.2.0782-1 (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-x5fg-h5w9-9frf
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/b2cc9be119d51212bf0d3f2a994c7e517c73f4a9 
(v9.2.0678)
 CVE-2026-57452 (Vim is an open source, command line text editor. Prior to 
9.2.0671, wh ...)
-       - vim <unfixed> (bug #1140775)
+       - vim 2:9.2.0782-1 (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-c4j9-wr9j-4486
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/c8777cec25dcfae89c42e9aff51af61f71c5745f 
(v9.2.0671)
 CVE-2026-57451 (Vim is an open source, command line text editor. Prior to 
9.2.0670, ge ...)
-       - vim <unfixed> (bug #1140775)
+       - vim 2:9.2.0782-1 (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-f36c-2qcp-7gpw
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/b2338ca90643e2f01ecb6547c1172716aaec4f79 
(v9.2.0670)
 CVE-2026-57438 (Nokogiri is an open source XML and HTML library for the Ruby 
programmi ...)
@@ -7753,11 +7753,11 @@ CVE-2026-55961 (wolfSSL_PKCS7_verify() returning 
success for a degenerate (certs
        [trixie] - wolfssl <no-dsa> (Minor issue)
        NOTE: https://github.com/wolfSSL/wolfssl/pull/10702 (v5.9.2-stable)
 CVE-2026-55895 (Vim is an open source, command line text editor. Prior to 
9.2.0663, a  ...)
-       - vim <unfixed> (bug #1140775)
+       - vim 2:9.2.0782-1 (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-vhh8-v6wx-hjjh
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/55bc757a5d436e59d50fe43f7cda94b118f86cb2 
(v9.2.0663)
 CVE-2026-55892 (Vim is an open source, command line text editor. Prior to 
9.2.0662, th ...)
-       - vim <unfixed> (bug #1140775)
+       - vim 2:9.2.0782-1 (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-qm9w-fmpj-879h
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/8325b193bba5f01e7a7d8241fc8633d93dff996b 
(v9.2.0662)
 CVE-2026-55700 (pnpm is a package manager. From 11.3.0 until 11.5.3, `pnpm 
stage downl ...)
@@ -7769,7 +7769,7 @@ CVE-2026-55698 (pnpm is a package manager. Prior to 
10.34.2 and 11.5.3, pnpm can
 CVE-2026-55697 (pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm 
can insta ...)
        - pnpm <itp> (bug #985669)
 CVE-2026-55693 (Vim is an open source, command line text editor. Prior to 
9.2.0653, th ...)
-       - vim <unfixed> (bug #1140775)
+       - vim 2:9.2.0782-1 (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-wgh4-64f7-q3jq
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/a80874d9b84a01040e3d1aef2d4a59e1934dafb7 
(v9.2.0653)
 CVE-2026-55667 (File Browser is a file managing interface for uploading, 
deleting, pre ...)
@@ -17612,16 +17612,16 @@ CVE-2026-53460 (ImageMagick is free and open-source 
software used for editing an
 CVE-2026-53423 (Allocation of Resources Without Limits or Throttling 
vulnerability in  ...)
        NOT-FOR-US: membraneframework membrane_mp4_plugin
 CVE-2026-52860 (Vim is an open source, command line text editor. Prior to 
version 9.2. ...)
-       - vim <unfixed> (bug #1139730)
+       - vim 2:9.2.0782-1 (bug #1139730)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-65p9-mwwx-7468
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/c8c63673bc4253212820626aeeb75999d9a539d2 
(v9.2.0597)
 CVE-2026-52859 (Vim is an open source, command line text editor. Prior to 
version 9.2. ...)
-       - vim <unfixed> (bug #1139729; unimportant)
+       - vim 2:9.2.0782-1 (bug #1139729; unimportant)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-47gw-8gc3-mgcm
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/63680c6d3d52477817b49cd1a66e7aabe8a7aa19 
(v9.2.0565)
        NOTE: Crash in CLI tool, no security impact
 CVE-2026-52858 (Vim is an open source, command line text editor. Prior to 
version 9.2. ...)
-       - vim <unfixed> (bug #1139728)
+       - vim 2:9.2.0782-1 (bug #1139728)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-52mc-rq6p-rc7c
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/4b850457e12e1a678dd209f2868154f7553cbf8d 
(v9.2.0561)
 CVE-2026-50223 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1655ed6e91f15ddbe890525bf9a0f8988b55420

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1655ed6e91f15ddbe890525bf9a0f8988b55420
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to