[Git][security-tracker-team/security-tracker][master] new lxml issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Apr 24 23:40:11 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ef936f7f by Moritz Muehlenhoff at 2026-04-25T00:39:53+02:00
new lxml issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -116,7 +116,9 @@ CVE-2026-41079 (OpenPrinting CUPS is an open source printing system for Linux an
CVE-2026-41067 (Astro is a web framework. Prior to 6.1.6, the defineScriptVars functio ...)
NOT-FOR-US: Astro web framework
CVE-2026-41066 (lxml is a library for processing XML and HTML in the Python language. ...)
- TODO: check
+ - lxml 6.1.0-1
+ NOTE: https://github.com/lxml/lxml/security/advisories/GHSA-vfmq-68hx-4jfw
+ NOTE: https://bugs.launchpad.net/lxml/+bug/2146291
CVE-2026-40897 (Math.js is an extensive math library for JavaScript and Node.js. From ...)
TODO: check
CVE-2026-40690 (The asset dependency graph did not restrict nodes by the viewer's DAG ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef936f7f927846d2f3777ed1368df3989ba42984
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef936f7f927846d2f3777ed1368df3989ba42984
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260424/e3353195/attachment.htm>
More information about the debian-security-tracker-commits
mailing list