[Git][security-tracker-team/security-tracker][master] Adjust some links for libarchive
Arnaud Rebillout (@arnaudr)
arnaudr at debian.org
Thu Apr 23 17:58:22 BST 2026
Arnaud Rebillout pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b251ede0 by Arnaud Rebillout at 2026-04-23T23:57:10+07:00
Adjust some links for libarchive
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13146,7 +13146,8 @@ CVE-2026-5121 (A flaw was found in libarchive. On 32-bit systems, an integer ove
[trixie] - libarchive <no-dsa> (Minor issue)
[bookworm] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/pull/2934
- NOTE: https://github.com/libarchive/libarchive/commit/071e2e1c5981372d40482995ba83c98c8b595418
+ NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/a2a73a8f14b3208c7f6acbbc93265254a7c1efd0
+ NOTE: Same fix as for CVE-2026-4426
CVE-2026-4425
REJECTED
CVE-2026-4416 (The Performance Library component of Gigabyte Control Center has an In ...)
@@ -19742,12 +19743,15 @@ CVE-2026-4426 (A flaw was found in libarchive. An Undefined Behavior vulnerabili
[trixie] - libarchive <postponed> (Minor issue, revisit when fixed upstream)
[bookworm] - libarchive <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/libarchive/libarchive/pull/2897
+ NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/a2a73a8f14b3208c7f6acbbc93265254a7c1efd0
+ NOTE: Same fix as for CVE-2026-5121
CVE-2026-4424 (A flaw was found in libarchive. This heap out-of-bounds read vulnerabi ...)
- libarchive 3.8.7-1 (bug #1131446)
[trixie] - libarchive <no-dsa> (Minor issue)
[bookworm] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/pull/2898
- NOTE: https://github.com/libarchive/libarchive/commit/762b30011a932c6ab988fd8664899a07eb6b7657
+ NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/d379dc0b2976b7207d1ad78f5ed3eb99a5b6d375
+ NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/e1907c5832b6489c7b4198b0825f857c93a03c10
CVE-2026-3658 (The Appointment Booking Calendar \u2014 Simply Schedule Appointments B ...)
NOT-FOR-US: WordPress plugin
CVE-2026-3580 (In wolfSSL 5.8.4, constant-time masking logic in sp_256_get_entry_256_ ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b251ede078b61332d77f24860cda9f4b1aa2249f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b251ede078b61332d77f24860cda9f4b1aa2249f
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260423/8911e72d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list