[Git][security-tracker-team/security-tracker][master] lts: triage golang-golang-x-image issues as no-dsa

[Emilio Pozuelo Monfort (@pochu)]

Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d942afb9 by Emilio Pozuelo Monfort at 2026-04-22T18:08:41+02:00
lts: triage golang-golang-x-image issues as no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -507,10 +507,12 @@ CVE-2026-34266 (Vulnerability in the PeopleSoft Enterprise HCM Absence Managemen
 	NOT-FOR-US: Oracle
 CVE-2026-33813 (Parsing a WEBP image with an invalid, large size panics on 32-bit plat ...)
 	- golang-golang-x-image 0.39.0-1
+	[bullseye] - golang-golang-x-image <no-dsa> (Limited support; minor issue)
 	NOTE: https://go-review.googlesource.com/c/image/+/759860
 	NOTE: https://github.com/golang/go/issues/78407
 CVE-2026-33812 (Parsing a malicious font file can cause excessive memory allocation.)
 	- golang-golang-x-image 0.39.0-1
+	[bullseye] - golang-golang-x-image <no-dsa> (Limited support; minor issue)
 	NOTE: https://go-review.googlesource.com/c/image/+/761180
 	NOTE: https://github.com/golang/go/issues/78382
 CVE-2026-33519 (An incorrect authorization vulnerability exists in Esri Portal for Arc ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d942afb9c49ec2b9ee5409706fbc99f030faa111

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d942afb9c49ec2b9ee5409706fbc99f030faa111
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260422/134151b4/attachment.htm>