Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f87f813b by Moritz Mühlenhoff at 2026-06-25T20:14:50+02:00
libssh2, sogo DSAs
- - - - -
4 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
- data/next-oldstable-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -37561,7 +37561,6 @@ CVE-2026-7599 (A vulnerability was detected in Dayoooun
hwpx-mcp 0.2.0. This aff
NOT-FOR-US: Dayoooun hwpx-mcp
CVE-2026-7598 (A security vulnerability has been detected in libssh2 up to
1.11.1. Th ...)
- libssh2 1.11.1-3 (bug #1135647)
- [trixie] - libssh2 <no-dsa> (Minor issue)
[bookworm] - libssh2 <no-dsa> (Minor issue)
[bullseye] - libssh2 <postponed> (Minor issue, unlikely user/pass
length)
NOTE: https://github.com/libssh2/libssh2/pull/1858
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,9 @@
+[25 Jun 2026] DSA-6366-1 sogo - security update
+ {CVE-2025-71276 CVE-2026-3054 CVE-2026-8496 CVE-2026-8851
CVE-2026-33550 CVE-2026-46445 CVE-2026-46446}
+ [trixie] - sogo 5.12.1-3+deb13u2
+[25 Jun 2026] DSA-6365-1 libssh2 - security update
+ {CVE-2025-15661 CVE-2026-7598 CVE-2026-55199 CVE-2026-55200}
+ [trixie] - libssh2 1.11.1-1+deb13u1
[25 Jun 2026] DSA-6364-1 chromium - security update
{CVE-2026-13021 CVE-2026-13022 CVE-2026-13023 CVE-2026-13024
CVE-2026-13025 CVE-2026-13026 CVE-2026-13027 CVE-2026-13028 CVE-2026-13029
CVE-2026-13030 CVE-2026-13031 CVE-2026-13032 CVE-2026-13033 CVE-2026-13034
CVE-2026-13035 CVE-2026-13036 CVE-2026-13037 CVE-2026-13038}
[trixie] - chromium 149.0.7827.196-1~deb13u1
=====================================
data/dsa-needed.txt
=====================================
@@ -48,8 +48,6 @@ kitty
libheif
possibly best to move to 1.23.0
--
-libssh2 (jmm)
---
linux (carnil)
Wait until more issues have piled up, though try to regulary rebase for point
releases to more 6.1.y versions
@@ -93,9 +91,6 @@ rust-wasmtime
--
shaarli
--
-sogo (jmm)
- Peter Wienemann proposed debdiff for review
---
util-linux
--
vim
=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -160,6 +160,8 @@ CVE-2026-8829
[bookworm] - libhtml-parser-perl 3.81-1+deb12u1
CVE-2022-4981
[bookworm] - dcmtk 3.6.7-9~deb12u4
+CVE-2026-12805
+ [bookworm] - dcmtk 3.6.7-9~deb12u4
CVE-2025-2357
[bookworm] - dcmtk 3.6.7-9~deb12u4
CVE-2025-9732
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f87f813b44b64c22c6a579113673f9ec04d74580
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f87f813b44b64c22c6a579113673f9ec04d74580
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits