Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
019a40dd by Salvatore Bonaccorso at 2026-06-27T10:09:02+02:00
auto-nfu: Add another product covered for the Apache CNA

- - - - -
010956a2 by Salvatore Bonaccorso at 2026-06-27T10:09:29+02:00
Process two NFUs

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -423,9 +423,9 @@ CVE-2026-57918 (libnfs through 6.0.2 before 935b8db has an 
xid integer underflow
        - libnfs <unfixed>
        NOTE: 
https://github.com/sahlberg/libnfs/commit/935b8db712b3c6649bc57ddc276526c4a31680de
 CVE-2026-57915 (It is possible to bypass the Kerberos pre-authentication check 
in Apac ...)
-       TODO: check
+       NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-57914 (By sending a deeply nested ASN1 structure to a Apache Kerby 
client or  ...)
-       TODO: check
+       NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-57913 (Johnson & Johnson Audit Tracking Management System (ATMS) 
before 2026- ...)
        NOT-FOR-US: Johnson & Johnson Audit Tracking Management System (ATMS)
 CVE-2026-57912 (Johnson & Johnson Campus Recruiting before 2025-10-31 allows 
viewing o ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -355,6 +355,7 @@
       - product: Apache HugeGraph-Server
       - product: Apache Ignite
       - product: Apache IoTDB
+      - product: Apache Kerby
       - product: Apache Kvrocks
       - product: Apache Kylin
       - product: Apache Kyuubi



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e171651eaf0880091a6910555ec3e605438f92ea...010956a2d94eb9d326543210b4d2a1d22d3f6003

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e171651eaf0880091a6910555ec3e605438f92ea...010956a2d94eb9d326543210b4d2a1d22d3f6003
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to