Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f87f813b by Moritz Mühlenhoff at 2026-06-25T20:14:50+02:00
libssh2, sogo DSAs

- - - - -


4 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
- data/next-oldstable-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -37561,7 +37561,6 @@ CVE-2026-7599 (A vulnerability was detected in Dayoooun 
hwpx-mcp 0.2.0. This aff
        NOT-FOR-US: Dayoooun hwpx-mcp
 CVE-2026-7598 (A security vulnerability has been detected in libssh2 up to 
1.11.1. Th ...)
        - libssh2 1.11.1-3 (bug #1135647)
-       [trixie] - libssh2 <no-dsa> (Minor issue)
        [bookworm] - libssh2 <no-dsa> (Minor issue)
        [bullseye] - libssh2 <postponed> (Minor issue, unlikely user/pass 
length)
        NOTE: https://github.com/libssh2/libssh2/pull/1858


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,9 @@
+[25 Jun 2026] DSA-6366-1 sogo - security update
+       {CVE-2025-71276 CVE-2026-3054 CVE-2026-8496 CVE-2026-8851 
CVE-2026-33550 CVE-2026-46445 CVE-2026-46446}
+       [trixie] - sogo 5.12.1-3+deb13u2
+[25 Jun 2026] DSA-6365-1 libssh2 - security update
+       {CVE-2025-15661 CVE-2026-7598 CVE-2026-55199 CVE-2026-55200}
+       [trixie] - libssh2 1.11.1-1+deb13u1
 [25 Jun 2026] DSA-6364-1 chromium - security update
        {CVE-2026-13021 CVE-2026-13022 CVE-2026-13023 CVE-2026-13024 
CVE-2026-13025 CVE-2026-13026 CVE-2026-13027 CVE-2026-13028 CVE-2026-13029 
CVE-2026-13030 CVE-2026-13031 CVE-2026-13032 CVE-2026-13033 CVE-2026-13034 
CVE-2026-13035 CVE-2026-13036 CVE-2026-13037 CVE-2026-13038}
        [trixie] - chromium 149.0.7827.196-1~deb13u1


=====================================
data/dsa-needed.txt
=====================================
@@ -48,8 +48,6 @@ kitty
 libheif
   possibly best to move to 1.23.0
 --
-libssh2 (jmm)
---
 linux (carnil)
   Wait until more issues have piled up, though try to regulary rebase for point
   releases to more 6.1.y versions
@@ -93,9 +91,6 @@ rust-wasmtime
 --
 shaarli
 --
-sogo (jmm)
-  Peter Wienemann proposed debdiff for review
---
 util-linux
 --
 vim


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -160,6 +160,8 @@ CVE-2026-8829
        [bookworm] - libhtml-parser-perl 3.81-1+deb12u1
 CVE-2022-4981
        [bookworm] - dcmtk 3.6.7-9~deb12u4
+CVE-2026-12805
+       [bookworm] - dcmtk 3.6.7-9~deb12u4
 CVE-2025-2357
        [bookworm] - dcmtk 3.6.7-9~deb12u4
 CVE-2025-9732



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f87f813b44b64c22c6a579113673f9ec04d74580

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f87f813b44b64c22c6a579113673f9ec04d74580
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to