Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dff38668 by Salvatore Bonaccorso at 2026-06-20T09:57:29+02:00
Add new lissues in libde265
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -34,7 +34,9 @@ CVE-2026-50559 (Quarkus is a Java framework for building
cloud-native applicatio
CVE-2026-50519 (Initialization of a resource with an insecure default in
GitHub Copilo ...)
NOT-FOR-US: Microsoft
CVE-2026-49346 (libde265 is an open source implementation of the h.265 video
codec. Pr ...)
- TODO: check
+ - libde265 <unfixed>
+ NOTE:
https://github.com/strukturag/libde265/security/advisories/GHSA-vv8h-932h-7r86
+ NOTE: Fixed by:
https://github.com/strukturag/libde265/commit/8a1b5cf212f78e1c77cb46eb5d56e492a9336eb8
(v1.1.0)
CVE-2026-49345 (Mercator is an open source web application that enables
mapping of the ...)
NOT-FOR-US: Mercator
CVE-2026-49344 (Mercator is an open source web application that enables
mapping of the ...)
@@ -46,9 +48,13 @@ CVE-2026-49340 (gonic is a music streaming server /
free-software subsonic serve
CVE-2026-49338 (gonic is a music streaming server / free-software subsonic
server API ...)
NOT-FOR-US: gonic music streaming server
CVE-2026-49337 (libde265 is an open source implementation of the h.265 video
codec. Pr ...)
- TODO: check
+ - libde265 <unfixed>
+ NOTE:
https://github.com/strukturag/libde265/security/advisories/GHSA-g5hj-rf9f-7vxm
+ NOTE: Fixed by:
https://github.com/strukturag/libde265/commit/683cb9fa603e35840642f98765ab95cdb71cadf9
(v1.1.0)
CVE-2026-49295 (libde265 is an open source implementation of the h.265 video
codec. Pr ...)
- TODO: check
+ - libde265 <unfixed>
+ NOTE:
https://github.com/strukturag/libde265/security/advisories/GHSA-g2rg-wj66-w594
+ NOTE: Fixed by:
https://github.com/strukturag/libde265/commit/691f3a3c55b3d32478c4a49895dee061a282652
(v1.1.0)
CVE-2026-48794 (Authelia is an open-source authentication and authorization
server pro ...)
TODO: check
CVE-2026-48787 (gin-vue-admin is an AI-assisted basic development platform. In
version ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dff38668eae3ae8ffe30c6395bfb87a846a7ae4f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dff38668eae3ae8ffe30c6395bfb87a846a7ae4f
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits