[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sat Apr 25 11:39:05 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
db7e0ea3 by Moritz Muehlenhoff at 2026-04-25T12:38:28+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -90,56 +90,56 @@ CVE-2026-4313 (AdaptiveGRC is vulnerable to Stored XSS via text type fields acro
 CVE-2026-4078 (The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scr ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-42095 (bookserver in KDE Arianna before 26.04.1 allows attackers to read file ...)
-	- arianna <unfixed>
+	- arianna <unfixed> (bug #1134880)
 	NOTE: https://kde.org/info/security/advisory-20260424-1.txt
 	NOTE: https://invent.kde.org/graphics/arianna/-/commit/485851d25de279a9d2711d3780443530e9851300
 	NOTE: https://invent.kde.org/graphics/arianna/-/commit/3cd56fce103ab62887c5592827d78a1197cd926a
 CVE-2026-42044 (Axios is a promise based HTTP client for the browser and Node.js. From ...)
-	- node-axios <unfixed>
+	- node-axios <unfixed> (bug #1134878)
 	NOTE: https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23
 CVE-2026-42043 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
-	- node-axios <unfixed>
+	- node-axios <unfixed> (bug #1134878)
 	NOTE: https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7
 CVE-2026-42042 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
-	- node-axios <unfixed>
+	- node-axios <unfixed> (bug #1134878)
 	NOTE: https://github.com/axios/axios/security/advisories/GHSA-xx6v-rp6x-q39c
 CVE-2026-42041 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
-	- node-axios <unfixed>
+	- node-axios <unfixed> (bug #1134878)
 	NOTE: https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63
 CVE-2026-42040 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
-	- node-axios <unfixed>
+	- node-axios <unfixed> (bug #1134878)
 	NOTE: https://github.com/axios/axios/security/advisories/GHSA-xhjh-pmcv-23jw
 CVE-2026-42039 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
-	- node-axios <unfixed>
+	- node-axios <unfixed> (bug #1134878)
 	NOTE: https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9
 CVE-2026-42038 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
-	- node-axios <unfixed>
+	- node-axios <unfixed> (bug #1134878)
 	NOTE: https://github.com/axios/axios/security/advisories/GHSA-m7pr-hjqh-92cm
 CVE-2026-42037 (Axios is a promise based HTTP client for the browser and Node.js. From ...)
-	- node-axios <unfixed>
+	- node-axios <unfixed> (bug #1134878)
 	NOTE: https://github.com/axios/axios/security/advisories/GHSA-445q-vr5w-6q77
 CVE-2026-42036 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
-	- node-axios <unfixed>
+	- node-axios <unfixed> (bug #1134878)
 	NOTE: https://github.com/axios/axios/security/advisories/GHSA-vf2m-468p-8v99
 CVE-2026-42035 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
-	- node-axios <unfixed>
+	- node-axios <unfixed> (bug #1134878)
 	NOTE: https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9
 CVE-2026-42034 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
-	- node-axios <unfixed>
+	- node-axios <unfixed> (bug #1134878)
 	NOTE: https://github.com/axios/axios/security/advisories/GHSA-5c9x-8gcm-mpgx
 CVE-2026-42033 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
-	- node-axios <unfixed>
+	- node-axios <unfixed> (bug #1134878)
 	NOTE: https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf
 CVE-2026-41907 (uuid is for the creation of RFC9562 (formerly RFC4122) UUIDs. Prior to ...)
 	- node-uuid 14.0.0+~11.0.0-1
 	NOTE: https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq
 CVE-2026-41898 (rust-openssl provides OpenSSL bindings for the Rust programming langua ...)
-	- rust-openssl <unfixed>
+	- rust-openssl <unfixed> (bug #1134881)
 	NOTE: https://github.com/rust-openssl/rust-openssl/security/advisories/GHSA-hppc-g8h3-xhp3
 	NOTE: https://github.com/rust-openssl/rust-openssl/pull/2607
 	NOTE: https://github.com/rust-openssl/rust-openssl/commit/1d109020d98fff2fb2e45c39a373af3dff99b24c (openssl-v0.10.78)
 CVE-2026-41681 (rust-openssl provides OpenSSL bindings for the Rust programming langua ...)
-	- rust-openssl <unfixed>
+	- rust-openssl <unfixed> (bug #1134881)
 	NOTE: https://github.com/rust-openssl/rust-openssl/security/advisories/GHSA-ghm9-cr32-g9qj
 	NOTE: https://github.com/rust-openssl/rust-openssl/pull/2608
 	NOTE: https://github.com/rust-openssl/rust-openssl/commit/826c3888b77add418b394770e2b2e3a72d9f92fe (openssl-v0.10.78)
@@ -147,13 +147,13 @@ CVE-2026-41680 (Marked is a markdown parser and compiler. From 18.0.0 to 18.0.1,
 	- node-marked <not-affected> (Only affects 18.0.0 and 18.0.1)
 	NOTE: https://github.com/markedjs/marked/security/advisories/GHSA-6v9c-7cg6-27q7
 CVE-2026-41678 (rust-openssl provides OpenSSL bindings for the Rust programming langua ...)
-	- rust-openssl <unfixed>
+	- rust-openssl <unfixed> (bug #1134881)
 	NOTE: https://github.com/rust-openssl/rust-openssl/security/advisories/GHSA-8c75-8mhr-p7r9
 CVE-2026-41677 (rust-openssl provides OpenSSL bindings for the Rust programming langua ...)
-	- rust-openssl <unfixed>
+	- rust-openssl <unfixed> (bug #1134881)
 	NOTE: https://github.com/rust-openssl/rust-openssl/security/advisories/GHSA-xmgf-hq76-4vx2
 CVE-2026-41676 (rust-openssl provides OpenSSL bindings for the Rust programming langua ...)
-	- rust-openssl <unfixed>
+	- rust-openssl <unfixed> (bug #1134881)
 	NOTE: https://github.com/rust-openssl/rust-openssl/security/advisories/GHSA-pqf5-4pqq-29f5
 CVE-2026-41492 (Dgraph is an open source distributed GraphQL database. Prior to 25.3.3 ...)
 	NOT-FOR-US: Dgraph
@@ -1522,68 +1522,68 @@ CVE-2026-35548 (An issue was discovered in guardsix (formerly Logpoint) ODBC Enr
 CVE-2026-35382
 	REJECTED
 CVE-2026-35381 (A logic error in the cut utility of uutils coreutils causes the utilit ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/pull/11394
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/483f13e91830c468262aa1e010e753d6ae99c898 (0.8.0)
 CVE-2026-35380 (A logic error in the cut utility of uutils coreutils causes the progra ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/pull/11399
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/593f5b191e8b9c87e4292955999c2d0b5cbcce69 (0.8.0)
 CVE-2026-35379 (A logic error in the tr utility of uutils coreutils causes the program ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/pull/11405
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/358063f3367cb23a1e5db314cfdbfeb607749b3d (0.8.0)
 CVE-2026-35378 (A logic error in the expr utility of uutils coreutils causes the progr ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/pull/11395
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/76b2f7877f558f3bfa78e3d4f49f022460f509b7 (0.8.0)
 CVE-2026-35377 (A logic error in the env utility of uutils coreutils causes a failure  ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/pull/11512
 CVE-2026-35376 (A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the ch ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/pull/11402
 CVE-2026-35375 (A logic error in the split utility of uutils coreutils causes the corr ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/pull/11397
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/d2b9550fe821a9a10bf0cec057509211357363f1 (0.8.0)
 CVE-2026-35374 (A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the sp ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/pull/11401
 CVE-2026-35373 (A logic error in the ln utility of uutils coreutils causes the program ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/pull/11403
 CVE-2026-35372 (A logic error in the ln utility of uutils coreutils allows the utility ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/pull/11253
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/394c4b17f2f382b4be9f54389bcb79028de02f39 (0.8.0)
 CVE-2026-35371 (The id utility in uutils coreutils exhibits incorrect behavior in its  ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/10006
 CVE-2026-35370 (The id utility in uutils coreutils miscalculates the groups= section o ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/10006
@@ -1594,12 +1594,12 @@ CVE-2026-35369 (An argument parsing error in the kill utility of uutils coreutil
 	NOTE: https://github.com/uutils/coreutils/pull/9700
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/cae94028afcfa19b78dfc1072d1a22d8b2c6ca38 (0.6.0)
 CVE-2026-35368 (A vulnerability exists in the chroot utility of uutils coreutils when  ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/10327
 CVE-2026-35367 (The nohup utility in uutils coreutils creates its default output file, ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/10021
@@ -1611,18 +1611,18 @@ CVE-2026-35366 (The printenv utility in uutils coreutils fails to display enviro
 	NOTE: https://github.com/uutils/coreutils/pull/9728
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/0bfbbc00c7895c0fb6ea94987b4aab99e3d7ee52 (0.6.0)
 CVE-2026-35365 (The mv utility in uutils coreutils improperly handles directory trees  ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/pull/10546
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/9654e4abaf24449ef2279e9a16963edb5c8b8fef (0.7.0-1)
 CVE-2026-35364 (A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the m ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/10015
 CVE-2026-35363 (A vulnerability in the rm utility of uutils coreutils allows the bypas ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/9749
@@ -1639,12 +1639,12 @@ CVE-2026-35361 (The mknod utility in uutils coreutils fails to handle security l
 	NOTE: https://github.com/uutils/coreutils/pull/10582
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/42b2ad83cdcf6e959ecb378c5040c60d9c64becf (0.6.0)
 CVE-2026-35360 (The touch utility in uutils coreutils is vulnerable to a Time-of-Check ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/10019
 CVE-2026-35359 (A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in the cp utilit ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/10017
@@ -1656,7 +1656,7 @@ CVE-2026-35358 (The cp utility in uutils coreutils, when performing recursive co
 	NOTE: https://github.com/uutils/coreutils/pull/11163
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/e6a3bb596f149628ba973eec3d099f3bb69f2464 (0.7.0)
 CVE-2026-35357 (The cp utility in uutils coreutils is vulnerable to an information dis ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/10011
@@ -1673,7 +1673,7 @@ CVE-2026-35355 (The install utility in uutils coreutils is vulnerable to a Time-
 	NOTE: https://github.com/uutils/coreutils/pull/10067
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/b5bbabc18a1121908848d836f869a4e98eb63886 (0.6.0)
 CVE-2026-35354 (A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the mv ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/10014
@@ -1684,19 +1684,19 @@ CVE-2026-35353 (The mkdir utility in uutils coreutils incorrectly applies permis
 	NOTE: https://github.com/uutils/coreutils/pull/10036
 	NOTE: Fixed by; https://github.com/uutils/coreutils/commit/037b9583bc03d814e8516df54ebcda6f681fe1f8 (0.6.0)
 CVE-2026-35352 (A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the m ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/10020
 CVE-2026-35351 (The mv utility in uutils coreutils fails to preserve file ownership du ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/9714
 	NOTE: https://github.com/uutils/coreutils/pull/11706
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/874efa7cc3361cb5af2a97db869147f910bcab44
 CVE-2026-35350 (The cp utility in uutils coreutils fails to properly handle setuid and ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/9750
@@ -1707,7 +1707,7 @@ CVE-2026-35349 (A vulnerability in the rm utility of uutils coreutils allows a b
 	NOTE: https://github.com/uutils/coreutils/pull/9706
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/5e5968cdbc6618acd6c2402a8a98b503f278835e (0.7.0)
 CVE-2026-35348 (The sort utility in uutils coreutils is vulnerable to a process panic  ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/9696
@@ -1725,17 +1725,17 @@ CVE-2026-35346 (The comm utility in uutils coreutils silently corrupts data by p
 	NOTE: https://github.com/uutils/coreutils/pull/10206
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/b9372e509ea9b278fe13763237067a261bb8c946 (0.6.0)
 CVE-2026-35345 (A vulnerability in the tail utility of uutils coreutils allows for the ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/10328
 CVE-2026-35344 (The dd utility in uutils coreutils suppresses errors during file trunc ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/9745
 CVE-2026-35343 (The cut utility in uutils coreutils incorrectly handles the -s (only-d ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/pull/11143
@@ -1747,7 +1747,7 @@ CVE-2026-35342 (The mktemp utility in uutils coreutils fails to properly handle
 	NOTE: https://github.com/uutils/coreutils/pull/10566
 	NOTE: Fixed by (merge): https://github.com/uutils/coreutils/commit/eb25ec328b226d8fbbaa4058bf9187165bf06d51 (0.6.0)
 CVE-2026-35341 (A vulnerability in uutils coreutils mkfifo allows for the unauthorized ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/issues/10020
@@ -1764,7 +1764,7 @@ CVE-2026-35339 (The recursive mode (-R) of the chmod utility in uutils coreutils
 	NOTE: https://github.com/uutils/coreutils/pull/9793
 	NOTE: Fixed by: https://github.com/uutils/coreutils/commit/abd581f62e97d0b147306ac40eac13af71c6fbba (0.6.0)
 CVE-2026-35338 (A vulnerability in the chmod utility of uutils coreutils allows users  ...)
-	- rust-coreutils <unfixed>
+	- rust-coreutils <unfixed> (bug #1134876)
 	[trixie] - rust-coreutils <no-dsa> (Minor issue)
 	[bookworm] - rust-coreutils <no-dsa> (Minor issue)
 	NOTE: https://github.com/uutils/coreutils/pull/10033



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db7e0ea38cd110e85d7a8251cc3f65b396944887

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db7e0ea38cd110e85d7a8251cc3f65b396944887
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260425/0fb032b1/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list