[Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2021-4456 in libnet-cidr-perl for bullseye LTS.

Chris Lamb (@lamby) Mon, 02 Mar 2026 11:41:04 -0800


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker



Commits:
aaddccdf by Chris Lamb at 2026-03-02T10:22:51-08:00
Triage CVE-2021-4456 in libnet-cidr-perl for bullseye LTS.

- - - - -
cf194667 by Chris Lamb at 2026-03-02T10:23:12-08:00
Triage CVE-2026-3408 in openbabel for bullseye LTS.

- - - - -
acb971a7 by Chris Lamb at 2026-03-02T10:23:26-08:00
Triage CVE-2026-28351 in pypdf2 for bullseye LTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14,6 +14,7 @@ CVE-2026-3408 (A vulnerability was identified in Open Babel 
up to 3.1.1. This im
        - openbabel <unfixed>
        [trixie] - openbabel <no-dsa> (Minor issue)
        [bookworm] - openbabel <no-dsa> (Minor issue)
+       [bullseye] - openbabel <postponed> (Minor issue; can be fixed in next 
update)
        NOTE: https://github.com/openbabel/openbabel/issues/2848
        NOTE: https://github.com/openbabel/openbabel/pull/2862
 CVE-2026-3407 (A vulnerability was determined in YosysHQ yosys up to 0.62. 
This affec ...)
@@ -171,6 +172,7 @@ CVE-2026-28351 (pypdf is a free and open-source pure-python 
PDF library. Prior t
        [bookworm] - pypdf <no-dsa> (Minor issue)
        - pypdf2 <removed>
        [bookworm] - pypdf2 <no-dsa> (Minor issue)
+       [bullseye] - pypdf2 <postponed> (Minor issue; can be fixed in next 
update)
        NOTE: 
https://github.com/py-pdf/pypdf/security/advisories/GHSA-f2v5-7jq9-h8cg
        NOTE: https://github.com/py-pdf/pypdf/pull/3664
        NOTE: Fixed by: 
https://github.com/py-pdf/pypdf/commit/f309c6003746414dc7b5048c19e6d879ff2dc858 
(6.7.4)
@@ -659,6 +661,7 @@ CVE-2026-XXXX [rashes Opus buffer overruns]
 CVE-2021-4456 (Net::CIDR versions before 0.24 for Perl mishandle leading zeros 
in IP  ...)
        - libnet-cidr-perl 0.25-1
        [bookworm] - libnet-cidr-perl <no-dsa> (Minor issue)
+       [bullseye] - libnet-cidr-perl <postponed> (Minor issue; can be fixed in 
next update)
        NOTE: https://lists.security.metacpan.org/cve-announce/msg/37425715/
        NOTE: Fixed by: 
https://github.com/svarshavchik/Net-CIDR/commit/e3648c6bc6bdd018f90cca4149c467017d42bd10
 CVE-2025-40932 (Apache::SessionX versions through 2.01 for Perl create 
insecure sessio ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/417e0546cb6dd81acdb654b1f314a17ad4bac987...acb971a747096fa3219d07cf2c23a453d6476fed

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/417e0546cb6dd81acdb654b1f314a17ad4bac987...acb971a747096fa3219d07cf2c23a453d6476fed
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2021-4456 in libnet-cidr-perl for bullseye LTS.

Reply via email to