Guilhem Moulin pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
98ac9603 by Guilhem Moulin at 2026-06-25T20:24:33+02:00
Reserve DLA-4648-1 for libtext-csv-xs-perl
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -39695,7 +39695,6 @@ CVE-2026-XXXX [RUSTSEC-2026-0113]
CVE-2026-7111 (Text::CSV_XS versions before 1.62 for Perl have a
use-after-free when ...)
- libtext-csv-xs-perl 1.62-1 (bug #1135232)
[trixie] - libtext-csv-xs-perl 1.60-1+deb13u1
- [bookworm] - libtext-csv-xs-perl <no-dsa> (Minor issue)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/39453344/
NOTE: https://github.com/cpan-authors/Text-CSV_XS/issues/65
NOTE: Requisite for test case:
https://github.com/cpan-authors/Text-CSV_XS/commit/b69bd94c2847cf3a28442af6286a345435955bcd
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,7 @@
+[25 Jun 2026] DLA-4648-1 libtext-csv-xs-perl - security update
+ {CVE-2026-7111}
+ [bullseye] - libtext-csv-xs-perl 1.45-1+deb11u1
+ [bookworm] - libtext-csv-xs-perl 1.49-1+deb12u1
[25 Jun 2026] DLA-4647-1 yelp - security update
[bullseye] - yelp 3.38.3-1+deb11u2
[24 Jun 2026] DLA-4646-1 postgresql-13 - security update
=====================================
data/dla-needed.txt
=====================================
@@ -403,10 +403,6 @@ libstb/bullseye
NOTE: 20260226: Fixed CVE-2021-28021 CVE-2021-37789 CVE-2021-42715
CVE-2022-28041 CVE-2022-28042 with DLA-4493-1 (abhijith)
NOTE: 20260429: Revisit when upstream merge the proposed fixes. Though other
embed libstb projects patched (abhijith)
--
-libtext-csv-xs-perl/bullseye (guilhem)
- NOTE: 20260519: Added by Front-Desk (Beuc)
- NOTE: 20260519: Follow trixie 13.5 (1 CVE) (Beuc/front-desk)
---
libvncserver
NOTE: 20260612: Added by Front-Desk (rouca)
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98ac96033541c755d9fc45e2f5ccd42c1e982f64
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98ac96033541c755d9fc45e2f5ccd42c1e982f64
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits