[Git][security-tracker-team/security-tracker][master] Add more rust-coreutils issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 22 22:43:57 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ec500a47 by Salvatore Bonaccorso at 2026-04-22T23:43:30+02:00
Add more rust-coreutils issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -157,27 +157,42 @@ CVE-2026-35379 (A logic error in the tr utility of uutils coreutils causes the p
NOTE: https://github.com/uutils/coreutils/pull/11405
NOTE: Fixed by: https://github.com/uutils/coreutils/commit/358063f3367cb23a1e5db314cfdbfeb607749b3d (0.8.0)
CVE-2026-35378 (A logic error in the expr utility of uutils coreutils causes the progr ...)
- TODO: check
+ - rust-coreutils <unfixed>
+ NOTE: https://github.com/uutils/coreutils/pull/11395
+ NOTE: Fixed by: https://github.com/uutils/coreutils/commit/76b2f7877f558f3bfa78e3d4f49f022460f509b7 (0.8.0)
CVE-2026-35377 (A logic error in the env utility of uutils coreutils causes a failure ...)
- TODO: check
+ - rust-coreutils <unfixed>
+ NOTE: https://github.com/uutils/coreutils/pull/11512
CVE-2026-35376 (A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the ch ...)
- TODO: check
+ - rust-coreutils <unfixed>
+ NOTE: https://github.com/uutils/coreutils/pull/11402
CVE-2026-35375 (A logic error in the split utility of uutils coreutils causes the corr ...)
- TODO: check
+ - rust-coreutils <unfixed>
+ NOTE: https://github.com/uutils/coreutils/pull/11397
+ NOTE: Fixed by: https://github.com/uutils/coreutils/commit/d2b9550fe821a9a10bf0cec057509211357363f1 (0.8.0)
CVE-2026-35374 (A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the sp ...)
- TODO: check
+ - rust-coreutils <unfixed>
+ NOTE: https://github.com/uutils/coreutils/pull/11401
CVE-2026-35373 (A logic error in the ln utility of uutils coreutils causes the program ...)
- TODO: check
+ - rust-coreutils <unfixed>
+ NOTE: https://github.com/uutils/coreutils/pull/11403
CVE-2026-35372 (A logic error in the ln utility of uutils coreutils allows the utility ...)
- TODO: check
+ - rust-coreutils <unfixed>
+ NOTE: https://github.com/uutils/coreutils/pull/11253
+ NOTE: Fixed by: https://github.com/uutils/coreutils/commit/394c4b17f2f382b4be9f54389bcb79028de02f39 (0.8.0)
CVE-2026-35371 (The id utility in uutils coreutils exhibits incorrect behavior in its ...)
- TODO: check
+ - rust-coreutils <unfixed>
+ NOTE: https://github.com/uutils/coreutils/issues/10006
CVE-2026-35370 (The id utility in uutils coreutils miscalculates the groups= section o ...)
- TODO: check
+ - rust-coreutils <unfixed>
+ NOTE: https://github.com/uutils/coreutils/issues/10006
CVE-2026-35369 (An argument parsing error in the kill utility of uutils coreutils inco ...)
- TODO: check
+ - rust-coreutils 0.6.0-1
+ NOTE: https://github.com/uutils/coreutils/pull/9700
+ NOTE: Fixed by: https://github.com/uutils/coreutils/commit/cae94028afcfa19b78dfc1072d1a22d8b2c6ca38 (0.6.0)
CVE-2026-35368 (A vulnerability exists in the chroot utility of uutils coreutils when ...)
- TODO: check
+ - rust-coreutils <unfixed>
+ NOTE: https://github.com/uutils/coreutils/issues/10327
CVE-2026-35367 (The nohup utility in uutils coreutils creates its default output file, ...)
TODO: check
CVE-2026-35366 (The printenv utility in uutils coreutils fails to display environment ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec500a471e720685027c32ded139e36b07942409
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec500a471e720685027c32ded139e36b07942409
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260422/abfcb6d6/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list