Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a40553d3 by Salvatore Bonaccorso at 2026-03-07T09:06:48+01:00
Update status for CVE-2026-2219/dpkg
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1463,8 +1463,9 @@ CVE-2026-2219 [dpkg-deb: Persistent hang on malformed
.deb archives (DoS)]
- dpkg 1.23.6 (bug #1129722)
[trixie] - dpkg <no-dsa> (Minor issue; can be fixed in point release)
[bookworm] - dpkg <no-dsa> (Minor issue; can be fixed in point release)
- [bullseye] - dpkg <postponed> (Minor issue; can be fixed in next update
after bookworm point release)
- NOTE: Fixed by:
https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=6610297a62c0780dd0e80b0e302ef64fdcc9d313
+ [bullseye] - dpkg <not-affected> (Vulnerable code introduced later)
+ NOTE: Introduced with:
https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=2c2f7066bd8c3209762762fa6905fa567b08ca5a
(1.21.18)
+ NOTE: Fixed by:
https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=6610297a62c0780dd0e80b0e302ef64fdcc9d313
(1.23.6)
CVE-2026-3381 (Compress::Raw::Zlib versions through 2.219 for Perl use
potentially in ...)
- libcompress-raw-zlib-perl 2.011-2
- perl 5.10.0-21
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a40553d3b109248403408bdca1d2cb864a822e7a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a40553d3b109248403408bdca1d2cb864a822e7a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
