[Git][security-tracker-team/security-tracker][master] Add two new corosync issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Apr 2 06:33:49 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
91405801 by Salvatore Bonaccorso at 2026-04-02T07:27:07+02:00
Add two new corosync issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -45,9 +45,13 @@ CVE-2026-35093 (A flaw was found in libinput. A local attacker who can place a s
 	NOTE: Fixed by: https://gitlab.freedesktop.org/libinput/libinput/-/commit/49f9a815170fe4178cca8dd3a3e591486aa508a3 (1.31.1)
 	NOTE: Fixed by: https://gitlab.freedesktop.org/libinput/libinput/-/commit/7819c23eaf61b8501169b124baf984edcaf9e5ff (1.30.3)
 CVE-2026-35092 (A flaw was found in Corosync. An integer overflow vulnerability in Cor ...)
-	TODO: check
+	- corosync <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2453814
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2453169
 CVE-2026-35091 (A flaw was found in Corosync. A remote unauthenticated attacker can ex ...)
-	TODO: check
+	- corosync <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2453813
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2453169
 CVE-2026-35000 (ChangeDetection.io versions prior to 0.54.7 contain a protection bypas ...)
 	NOT-FOR-US: ChangeDetection.io
 CVE-2026-34999 (OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentica ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9140580191a782b509e22a1aa22cba53c57a1936

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9140580191a782b509e22a1aa22cba53c57a1936
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260402/e70dbdd7/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list