Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9e5d1ec2 by Chris Lamb at 2026-06-29T13:04:18-07:00
Triage CVE-2026-45300 in async-http-client for LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15249,6 +15249,8 @@ CVE-2026-45409 (Internationalized Domain Names in
Applications (IDNA) for Python
NOTE: Fixed by:
https://github.com/kjd/idna/commit/e1cb465b6376f33306a26f467d197edbcd01c4b9
(v3.15)
CVE-2026-45300 (The AsyncHttpClient (AHC) library allows Java applications to
easily e ...)
- async-http-client <unfixed> (bug #1139165)
+ [bookworm] - async-http-client <not-affected> (Vulnerable code not
present)
+ [bullseye] - async-http-client <not-affected> (Vulnerable code not
present)
NOTE:
https://github.com/AsyncHttpClient/async-http-client/security/advisories/GHSA-fmxf-pm6p-7xgm
NOTE: Fixed by:
https://github.com/AsyncHttpClient/async-http-client/commit/3b0e3e9e889f950c94665c7b72e1af94f922bfe2
(async-http-client-project-3.0.10)
NOTE: Fixed by:
https://github.com/AsyncHttpClient/async-http-client/commit/5eed33962a412a0100f8117dca849930652bfe30
(async-http-client-project-2.15.0)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e5d1ec2099a997ac3557d5f261c6f3e34ce3037
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e5d1ec2099a997ac3557d5f261c6f3e34ce3037
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits