Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
52eaa9af by Salvatore Bonaccorso at 2026-07-08T22:06:12+02:00
Add two new pypdf issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -39,9 +39,17 @@ CVE-2026-5459 (The User Frontend: AI Powered Frontend
Posting, User Directory, P
CVE-2026-5356 (The LatePoint \u2013 Calendar Booking Plugin for Appointments
and Even ...)
NOT-FOR-US: WordPress plugin
CVE-2026-59938 (pypdf is a free and open-source pure-python PDF library. Prior
to 6.14 ...)
- TODO: check
+ - pypdf <unfixed>
+ - pypdf2 <removed>
+ NOTE:
https://github.com/py-pdf/pypdf/security/advisories/GHSA-5qjq-93h5-hrgp
+ NOTE: https://github.com/py-pdf/pypdf/pull/3888
+ NOTE: Fixed by:
https://github.com/py-pdf/pypdf/commit/c64583be16b8e8763d8777075f8ecbf382014b7a
(6.14.0)
CVE-2026-59937 (pypdf is a free and open-source pure-python PDF library. Prior
to 6.14 ...)
- TODO: check
+ - pypdf <unfixed>
+ - pypdf2 <removed>
+ NOTE:
https://github.com/py-pdf/pypdf/security/advisories/GHSA-55h5-xmcq-c37v
+ NOTE: https://github.com/py-pdf/pypdf/pull/3887
+ NOTE: Fixed by:
https://github.com/py-pdf/pypdf/commit/b5fc5aa714f4b696fb9b1deaa35a9e4a4eb50dae
(6.14.0)
CVE-2026-59930 (Mistune is a Python Markdown parser with renderers and
plugins. Prior ...)
TODO: check
CVE-2026-59929 (Mistune is a Python Markdown parser with renderers and
plugins. Prior ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52eaa9af205c0c25af567fb7f7868110269f6dae
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52eaa9af205c0c25af567fb7f7868110269f6dae
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits