Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5ce38506 by Salvatore Bonaccorso at 2026-06-24T10:39:22+02:00
Add two dnsmasq issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -688,7 +688,9 @@ CVE-2026-27604 (FOSSBilling is a free, open-source billing 
and client management
 CVE-2026-13007 (Tenable Identity Exposure contains multiple unauthenticated 
API endpoi ...)
        TODO: check
 CVE-2026-12969 (An out-of-bounds read vulnerability exists in dnsmasq's 
find_soa() fun ...)
-       TODO: check
+       - dnsmasq 2.93-1
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2491663
+       NOTE: Fixed by: 
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=14094e88beca519c53151184cc4553656672b54f
 (v2.93rc1)
 CVE-2026-12958 (Missing symlink validation in Language Servers for AWS may 
allow an ar ...)
        NOT-FOR-US: Amazon
 CVE-2026-12957 (Improper trust boundary enforcement in Language Servers for 
AWS before ...)
@@ -1265,7 +1267,9 @@ CVE-2026-12863 (An unvalidated redirect was contained in 
Venueless' social login
 CVE-2026-12862 (Untrusted user data was passed verbatim to Excel exports for 
administr ...)
        NOT-FOR-US: rami.io products
 CVE-2026-12725 (A heap-based buffer overflow was found in dnsmasq. When DNSSEC 
validat ...)
-       TODO: check
+       - dnsmasq 2.93-1
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2490763
+       NOTE: Fixed by: 
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=36d081e37477027fd721fea498f3760f529034ad
 (v2.93test10)
 CVE-2026-12628 (IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM 
Storage Pro ...)
        NOT-FOR-US: IBM
 CVE-2026-12602 (Incorrect default permissions in ArubaSign, affecting versions 
prior t ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ce38506f45d9f6e9c2f164bb90029b0b5dd1eb7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ce38506f45d9f6e9c2f164bb90029b0b5dd1eb7
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to