Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1b3c59b8 by Moritz Muehlenhoff at 2026-06-12T18:12:27+02:00
trixie triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -226,6 +226,7 @@ CVE-2026-9694 (GitLab has remediated an issue in GitLab 
CE/EE affecting all vers
        - gitlab <removed>
 CVE-2026-9648 (The crypton-x509-validation Haskell library fails to enforce 
X.509 Nam ...)
        - haskell-crypton-x509-validation <unfixed> (bug #1139732)
+       [trixie] - haskell-crypton-x509-validation <no-dsa> (Minor issue)
        NOTE: https://www.kb.cert.org/vuls/id/862559
        NOTE: https://github.com/kazu-yamamoto/crypton-certificate/pull/30
        NOTE: Fixed by: 
https://github.com/kazu-yamamoto/crypton-certificate/commit/f4b77edf6ead77f4a886da40e41eab20f0180e39
 (crypton-x509-validation-1.9.1)
@@ -7969,6 +7970,7 @@ CVE-2026-45131 (CloudPirates Open Source Helm Charts is a 
collection of Helm cha
        NOT-FOR-US: CloudPirates Open Source Helm Charts
 CVE-2026-44740 (Billy is an interface filesystem abstraction for Go. Prior to 
versions ...)
        - golang-github-go-git-go-billy <unfixed>
+       [trixie] - golang-github-go-git-go-billy <no-dsa> (Minor issue)
        - golang-github-go-git-go-billy-v6 <unfixed>
        NOTE: 
https://github.com/go-git/go-billy/security/advisories/GHSA-m3xc-h892-ggx6
 CVE-2026-44211 (Cline is an autonomous coding agent as an SDK, IDE extension, 
or CLI a ...)
@@ -49962,6 +49964,7 @@ CVE-2026-3591 (A use-after-return vulnerability exists 
in the `named` server whe
        NOTE: 
https://gitlab.isc.org/isc-projects/bind9/-/commit/4a2048ea7f98b7ad9528463a045abc9d224a0f43
 (v9.20.21)
 CVE-2026-3608 (Sending a maliciously crafted message to the kea-ctrl-agent, 
kea-dhcp- ...)
        - isc-kea 3.0.3-1
+       [trixie] - isc-kea <no-dsa> (Minor issue)
        NOTE: https://kb.isc.org/docs/cve-2026-3608
 CVE-2026-33515 (Squid is a caching proxy for the Web. Prior to version 7.5, 
due to imp ...)
        - squid 7.5-1


=====================================
data/dsa-needed.txt
=====================================
@@ -36,6 +36,8 @@ firebird3.0
 --
 firebird4.0
 --
+gst-plugins-bad1.0
+--
 imagemagick
 --
 jetty9
@@ -46,6 +48,8 @@ jpeg-xl (jmm)
 --
 kamailio
 --
+libgd-perl (carnil)
+--
 librabbitmq (jmm)
 --
 linux (carnil)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b3c59b858afaf67713639d49d862e1a1e2a67d8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b3c59b858afaf67713639d49d862e1a1e2a67d8
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to