Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
11f31687 by Salvatore Bonaccorso at 2026-07-15T11:46:48+02:00
Process two NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -67,7 +67,7 @@ CVE-2026-5269 (In Ciena's Navigator Network Control Suite
(NCS) and Manage Contr
CVE-2026-5040 (TP-Link Deco M5 v1 uses a weak password hashing mechanism to
store use ...)
NOT-FOR-US: TPLink
CVE-2026-59891 (sigstore-js provides JavaScript libraries for interacting with
Sigstor ...)
- TODO: check
+ NOT-FOR-US: sigstore-js
CVE-2026-59889 (jackson-databind contains the general-purpose data-binding
functionali ...)
- jackson-databind <not-affected> (Vulnerable code introduced later)
NOTE:
https://github.com/FasterXML/jackson-databind/security/advisories/GHSA-5gvw-p9qm-jgwh
@@ -114,7 +114,7 @@ CVE-2026-59732 (Rclone is a command-line program to sync
files and directories t
CVE-2026-59674 (A UNIX Symbolic Link (Symlink) Following vulnerability in
openSUSE Tum ...)
TODO: check
CVE-2026-59246 (Allocation of resources without limits vulnerability in
elixir-mint mi ...)
- TODO: check
+ NOT-FOR-US: elixir-mint mint
CVE-2026-59205 (Pillow is a Python imaging library. Prior to 12.3.0, Pillow's
ImageCms ...)
TODO: check
CVE-2026-59204 (Pillow is a Python imaging library. From 8.2.0 through 12.2.0,
src/lib ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11f31687154302a0a05b03aae84243145450a855
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11f31687154302a0a05b03aae84243145450a855
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits