Bastien Roucariès pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
599ec4af by Bastien Roucariès at 2026-06-10T23:26:35+02:00
bullseye triagging

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5808,6 +5808,7 @@ CVE-2025-41259 (SWUpdate before 2026.05 is affected by a 
time-of-check time-of-u
        - swupdate 2026.05+dfsg-1
        [trixie] - swupdate <no-dsa> (Minor issue)
        [bookworm] - swupdate <no-dsa> (Minor issue)
+       [bullseye] - swupdate <postponed> (Minor issue)
        NOTE: Fixed by: 
https://github.com/sbabic/swupdate/commit/f4bd64260e233e207354d68d572b1cbc3e63689d
 (2026.05)
 CVE-2025-15656 (Incorrect Privilege Assignment vulnerability in Mojoomla 
School Manage ...)
        NOT-FOR-US: WordPress plugin or theme
@@ -6497,6 +6498,7 @@ CVE-2026-38978 (transmission through 4.1.1 was found to 
have a clickjacking weak
        - transmission 4.1.2+dfsg-1
        [trixie] - transmission <no-dsa> (Minor issue)
        [bookworm] - transmission <no-dsa> (Minor issue)
+       [bullseye] - transmission <postponed> (Minor issue)
        NOTE: https://github.com/transmission/transmission/issues/8726
        NOTE: https://github.com/transmission/transmission/pull/8747
        NOTE: 
https://github.com/transmission/transmission/commit/6b24c1c214ec6a44fa5fdff0ce7da6b16d8ecaa8
@@ -9601,6 +9603,7 @@ CVE-2026-44604 (A command injection vulnerability was 
discovered in the `rpmunco
        - rpm <unfixed> (bug #1138234)
        [trixie] - rpm <no-dsa> (Minor issue)
        [bookworm] - rpm <no-dsa> (Minor issue)
+       [bullseye] - rpm <postponed> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2460967
 CVE-2026-44594 (esm.sh is a no-build content delivery network (CDN) for web 
developmen ...)
        NOT-FOR-US: esm.sh
@@ -13869,6 +13872,7 @@ CVE-2026-5223 (Cargo incorrectly handled symlinks 
inside of crate tarballs downl
        - rustc 1.95.0+dfsg1-2
        [trixie] - rustc <no-dsa> (Minor issue)
        [bookworm] - rustc <no-dsa> (Minor issue)
+       [bullseye] - rustc <postponed> (Minor issue)
        NOTE: 
https://groups.google.com/g/rustlang-security-announcements/c/IB74S7Yksg8
        NOTE: https://blog.rust-lang.org/2026/05/25/cve-2026-5223/
        NOTE: 
https://github.com/rust-lang/cargo/commit/285cebf58911eca5b7f177f5d0b1c53e1f646577
@@ -13883,6 +13887,7 @@ CVE-2026-5222 (Cargo between 1.68 and 1.96 incorrectly 
normalized the URLs of th
        - rustc 1.95.0+dfsg1-2
        [trixie] - rustc <no-dsa> (Minor issue)
        [bookworm] - rustc <no-dsa> (Minor issue)
+       [bullseye] - rustc <postponed> (Minor issue)
        NOTE: 
https://groups.google.com/g/rustlang-security-announcements/c/SfUxOiIdY5s
        NOTE: https://blog.rust-lang.org/2026/05/25/cve-2026-5222/
        NOTE: 
https://github.com/rust-lang/cargo/commit/c4d63a44234de22dc745231c416b80ed848d997f
@@ -18276,6 +18281,7 @@ CVE-2026-44312 (css_parser is a Ruby CSS parser. Prior 
to 2.1.0 and 1.22.0, the
        - ruby-css-parser 2.1.0-1
        [trixie] - ruby-css-parser <no-dsa> (Minor issue)
        [bookworm] - ruby-css-parser <no-dsa> (Minor issue)
+       [bullseye] - ruby-css-parser <postponed> (Minor issue)
        NOTE: 
https://github.com/premailer/css_parser/security/advisories/GHSA-ff6c-w6qf-7xqc
        NOTE: https://github.com/premailer/css_parser/issues/185
        NOTE: Fixed by: 
https://github.com/premailer/css_parser/commit/35e689c904225add78e0c488cf04bad052666449
 (v2.1.0)
@@ -78692,6 +78698,7 @@ CVE-2025-68616 (WeasyPrint helps web developers to 
create PDF documents. Prior t
        - weasyprint <unfixed> (bug #1139189)
        [trixie] - weasyprint <no-dsa> (Minor issue)
        [bookworm] - weasyprint <no-dsa> (Minor issue)
+       [bullseye] - weasyprint <postponed> (Minor issue)
        NOTE: 
https://github.com/Kozea/WeasyPrint/security/advisories/GHSA-983w-rhvv-gwmv
 CVE-2025-61684 (Quicly, an IETF QUIC protocol implementation, is susceptible 
to a deni ...)
        NOT-FOR-US: Quicly



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/599ec4afee2c9af20ad66af60098c4fac726cc21

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/599ec4afee2c9af20ad66af60098c4fac726cc21
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to