[Git][security-tracker-team/security-tracker][master] new poetry issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Apr 24 23:38:39 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9cd6ea54 by Moritz Muehlenhoff at 2026-04-25T00:38:18+02:00
new poetry issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -105,7 +105,10 @@ CVE-2026-41322 (@astrojs/node allows Astro to deploy your SSR site to Node targe
CVE-2026-41321 (@astrojs/cloudflare is an SSR adapter for use with Cloudflare Workers ...)
NOT-FOR-US: @astrojs/cloudflare
CVE-2026-41140 (Poetry is a dependency manager for Python. Prior to 2.3.4, the extract ...)
- TODO: check
+ - poetry <unfixed>
+ [trixie] - poetry <not-affected> (Trixie ships Python 3.13)
+ NOTE: https://github.com/python-poetry/poetry/security/advisories/GHSA-73h3-mf4w-8647
+ NOTE: https://github.com/python-poetry/poetry/commit/47e97340cae50d3698aac858732788861ba8dd1f
CVE-2026-41079 (OpenPrinting CUPS is an open source printing system for Linux and othe ...)
- cups 2.4.17-1
NOTE: https://github.com/OpenPrinting/cups/security/advisories/GHSA-6wpw-g8g6-wvrv
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cd6ea541364e3fa5cf44522989cce8553ad0abc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cd6ea541364e3fa5cf44522989cce8553ad0abc
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260424/a6eec485/attachment.htm>
More information about the debian-security-tracker-commits
mailing list