[Git][security-tracker-team/security-tracker][master] Add two scitokens-cpp issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Apr 3 13:27:18 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0f388ad0 by Salvatore Bonaccorso at 2026-04-03T14:25:32+02:00
Add two scitokens-cpp issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1612,9 +1612,13 @@ CVE-2026-32917 (OpenClaw before 2026.3.13 contains a remote command injection vu
CVE-2026-32916 (OpenClaw versions 2026.3.7 before 2026.3.11 contain an authorization b ...)
NOT-FOR-US: OpenClaw
CVE-2026-32726 (SciTokens C++ is a minimal library for creating and using SciTokens fr ...)
- TODO: check
+ - scitokens-cpp 1.4.1-1
+ NOTE: https://github.com/scitokens/scitokens-cpp/security/advisories/GHSA-q5fm-fgvx-32jq
+ NOTE: Fixed by: https://github.com/scitokens/scitokens-cpp/commit/decfe2f00cb9cabbf1e17a3bb2cd4ea1bbbd8a73 (v1.4.1)
CVE-2026-32725 (SciTokens C++ is a minimal library for creating and using SciTokens fr ...)
- TODO: check
+ - scitokens-cpp 1.4.1-1
+ NOTE: https://github.com/scitokens/scitokens-cpp/security/advisories/GHSA-rqcx-mc9w-pjxp
+ NOTE: Fixed by: https://github.com/scitokens/scitokens-cpp/commit/7951ed809967d88c00c20de414b1ff74df8c3e08 (v1.4.1)
CVE-2026-32620 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
NOT-FOR-US: Discourse
CVE-2026-32619 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f388ad06690053211f64e944c98c8b73488b8f1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f388ad06690053211f64e944c98c8b73488b8f1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260403/1f63914a/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list