Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ce6db310 by Salvatore Bonaccorso at 2026-03-06T22:38:23+01:00
Add two new lxml-html-clean issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -665,9 +665,13 @@ CVE-2026-28542 (Permission bypass vulnerability in the
system service framework.
CVE-2026-28353 (Trivy Vulnerability Scanner is a VS Code extension that helps
find vul ...)
- trivy <itp> (bug #929458)
CVE-2026-28350 (lxml_html_clean is a project for HTML cleaning functionalities
copied ...)
- TODO: check
+ - lxml-html-clean <unfixed>
+ NOTE:
https://github.com/fedora-python/lxml_html_clean/security/advisories/GHSA-xvp8-3mhv-424c
+ NOTE: Fixed by:
https://github.com/fedora-python/lxml_html_clean/commit/9c5612ca33b941eec4178abf8a5294b103403f34
(0.4.4)
CVE-2026-28348 (lxml_html_clean is a project for HTML cleaning functionalities
copied ...)
- TODO: check
+ - lxml-html-clean <unfixed>
+ NOTE:
https://github.com/fedora-python/lxml_html_clean/security/advisories/GHSA-hw26-mmpg-fqfg
+ NOTE: Fixed by:
https://github.com/fedora-python/lxml_html_clean/commit/2ef732667ddbc74ea59847bcf24b75809aaeed3b
(0.4.4)
CVE-2026-28343 (CKEditor 5 is a modern JavaScript rich-text editor with an MVC
archite ...)
TODO: check
CVE-2026-28342 (OliveTin gives access to predefined shell commands from a web
interfac ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce6db310e92488cfdbe576c12e1afaa0a063abfc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce6db310e92488cfdbe576c12e1afaa0a063abfc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
