Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
21a3a05b by Salvatore Bonaccorso at 2026-07-06T21:54:00+02:00
Add CVE-2026-54291/libpgjava
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -56,7 +56,9 @@ CVE-2026-55379 (Pillow is a Python imaging library. Prior to
12.3.0, PIL/BdfFont
CVE-2026-54893 (URL path injection in the Microsoft Graph adapter of Swoosh.
Swoosh.Ad ...)
TODO: check
CVE-2026-54291 (pgjdbc is an open source postgresql JDBC Driver. In releases
42.7.4 th ...)
- TODO: check
+ - libpgjava 42.7.12-1
+ NOTE:
https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-j92g-9f8w-j867
+ NOTE: Fixed by:
https://github.com/pgjdbc/pgjdbc/commit/77df98e4e66c12936ded3478a0954f6f580bad99
(REL42.7.12)
CVE-2026-54060 (Pillow is a Python imaging library. Prior to 12.3.0,
PIL/FontFile.py F ...)
- pillow <unfixed>
NOTE:
https://github.com/python-pillow/Pillow/security/advisories/GHSA-5x94-69rx-g8h2
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21a3a05bf25aa652d492580585d4cd168579a549
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21a3a05bf25aa652d492580585d4cd168579a549
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits