Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c22a44c7 by Salvatore Bonaccorso at 2026-06-26T09:17:06+02:00
Add Debian bug reference for vim issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -282,15 +282,15 @@ CVE-2026-57533 (Malicious HTML content could be injected 
into the page pretix sh
 CVE-2026-57532 (Malicious HTML content contained in the layout specification 
of a PDF  ...)
        NOT-FOR-US: rami.io products
 CVE-2026-57456 (Vim is an open source, command line text editor. Prior to 
9.2.0699, Vi ...)
-       - vim <unfixed>
+       - vim <unfixed> (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-ppj8-wqjf-6fp3
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/cce141c42740f122dd8486ae04e21c2a81016ba8 
(v9.2.0699)
 CVE-2026-57455 (Vim is an open source, command line text editor. Prior to 
9.2.0698, th ...)
-       - vim <unfixed>
+       - vim <unfixed> (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-q8mh-6qm3-25g4
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/497f931f85339d175d7f69588dd249e8ccfed41b 
(v9.2.0698)
 CVE-2026-57454 (Vim is an open source, command line text editor. From 9.2.0320 
until 9 ...)
-       - vim <unfixed>
+       - vim <unfixed> (bug #1140775)
        [trixie] - vim <not-affected> (Vulnerable code not present)
        [bookworm] - vim <not-affected> (Vulnerable code not present)
        [bullseye] - vim <not-affected> (Vulnerable code not present)
@@ -298,15 +298,15 @@ CVE-2026-57454 (Vim is an open source, command line text 
editor. From 9.2.0320 u
        NOTE: Introduced with: 
https://github.com/vim/vim/commit/ff41e9d853ef3e366575e375d8c40cf11d5e331b 
(v9.2.0320)
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/b3faeecc976d3031d7c0675623516ec60c30f949 
(v9.2.0679)
 CVE-2026-57453 (Vim is an open source, command line text editor. From 9.1.1784 
until 9 ...)
-       - vim <unfixed>
+       - vim <unfixed> (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-x5fg-h5w9-9frf
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/b2cc9be119d51212bf0d3f2a994c7e517c73f4a9 
(v9.2.0678)
 CVE-2026-57452 (Vim is an open source, command line text editor. Prior to 
9.2.0671, wh ...)
-       - vim <unfixed>
+       - vim <unfixed> (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-c4j9-wr9j-4486
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/c8777cec25dcfae89c42e9aff51af61f71c5745f 
(v9.2.0671)
 CVE-2026-57451 (Vim is an open source, command line text editor. Prior to 
9.2.0670, ge ...)
-       - vim <unfixed>
+       - vim <unfixed> (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-f36c-2qcp-7gpw
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/b2338ca90643e2f01ecb6547c1172716aaec4f79 
(v9.2.0670)
 CVE-2026-57438 (Nokogiri is an open source XML and HTML library for the Ruby 
programmi ...)
@@ -411,11 +411,11 @@ CVE-2026-55961 (wolfSSL_PKCS7_verify() returning success 
for a degenerate (certs
        - wolfssl <unfixed> (bug #1140765)
        NOTE: https://github.com/wolfSSL/wolfssl/pull/10702 (v5.9.2-stable)
 CVE-2026-55895 (Vim is an open source, command line text editor. Prior to 
9.2.0663, a  ...)
-       - vim <unfixed>
+       - vim <unfixed> (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-vhh8-v6wx-hjjh
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/55bc757a5d436e59d50fe43f7cda94b118f86cb2 
(v9.2.0663)
 CVE-2026-55892 (Vim is an open source, command line text editor. Prior to 
9.2.0662, th ...)
-       - vim <unfixed>
+       - vim <unfixed> (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-qm9w-fmpj-879h
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/8325b193bba5f01e7a7d8241fc8633d93dff996b 
(v9.2.0662)
 CVE-2026-55700 (pnpm is a package manager. From 11.3.0 until 11.5.3, `pnpm 
stage downl ...)
@@ -427,7 +427,7 @@ CVE-2026-55698 (pnpm is a package manager. Prior to 10.34.2 
and 11.5.3, pnpm can
 CVE-2026-55697 (pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm 
can insta ...)
        - pnpm <itp> (bug #985669)
 CVE-2026-55693 (Vim is an open source, command line text editor. Prior to 
9.2.0653, th ...)
-       - vim <unfixed>
+       - vim <unfixed> (bug #1140775)
        NOTE: https://github.com/vim/vim/security/advisories/GHSA-wgh4-64f7-q3jq
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/a80874d9b84a01040e3d1aef2d4a59e1934dafb7 
(v9.2.0653)
 CVE-2026-55667 (File Browser is a file managing interface for uploading, 
deleting, pre ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c22a44c7d16d849815fdc67dc847b72c8b0a8d23

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c22a44c7d16d849815fdc67dc847b72c8b0a8d23
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to