[Git][security-tracker-team/security-tracker][master] Clarify note about introducion of issue for CVE-2026-39973

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Apr 25 13:59:41 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8e050132 by Salvatore Bonaccorso at 2026-04-25T14:59:14+02:00
Clarify note about introducion of issue for CVE-2026-39973

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3193,9 +3193,9 @@ CVE-2026-3298 (The method "sock_recvfrom_into()" of "asyncio.ProacterEventLoop"
 	- python3.9 <not-affected> (Windows-specific)
 	NOTE: https://mail.python.org/archives/list/security-announce@python.org/thread/KWTPIQBOOOUNQP7UFSLBI437NJDFLA3F/
 CVE-2026-39973 (Apktool is a tool for reverse engineering Android APK files. In versio ...)
-	- apktool <not-affected> (Only affects 3.0.1)
+	- apktool <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/iBotPeaches/Apktool/security/advisories/GHSA-m8mh-x359-vm8m
-	NOTE: https://github.com/iBotPeaches/Apktool/pull/4041
+	NOTE: Introduced with: https://github.com/iBotPeaches/Apktool/pull/4041 (v3.0.0)
 CVE-2026-39946 (OpenBao is an open source identity-based secrets management system. Pr ...)
 	- openbao <itp> (bug #1069794)
 CVE-2026-39886 (OpenEXR provides the specification and reference implementation of the ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e05013272fcd466eb3035fffded72f0145ea9d7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e05013272fcd466eb3035fffded72f0145ea9d7
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260425/d37b1b7b/attachment.htm>

More information about the debian-security-tracker-commits mailing list