Arnaud Rebillout pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a98a7137 by Arnaud Rebillout at 2026-03-06T09:42:12+07:00
CVE-2026-26007: Postpone for bullseye
Follow secteam triage, minor issue.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9783,6 +9783,7 @@ CVE-2026-26007 (cryptography is a package designed to
expose cryptographic primi
- python-cryptography 46.0.5-1 (bug #1127926)
[trixie] - python-cryptography <no-dsa> (Minor issue; only affects
binary elliptic curves, which are rarely used in real-world applications)
[bookworm] - python-cryptography <no-dsa> (Minor issue; only affects
binary elliptic curves, which are rarely used in real-world applications)
+ [bullseye] - python-cryptography <postponed> (Minor issue; only affects
binary elliptic curves, which are rarely used in real-world applications)
NOTE:
https://github.com/pyca/cryptography/security/advisories/GHSA-r6ph-v2qm-q3c2
NOTE: EC support migrated to Rust in:
https://github.com/pyca/cryptography/commit/f38eb4a0e45645e6a43f8dd589f1d3ce1103e83c
(42.0.0)
NOTE: Fixed by:
https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c
(46.0.5)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a98a7137e4e71597be440ea352798ffaf3995f5c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a98a7137e4e71597be440ea352798ffaf3995f5c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
