[Git][security-tracker-team/security-tracker][master] Record fix from 2.3.4 for CVE-2026-41140

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8113ebe7 by Salvatore Bonaccorso at 2026-04-25T16:13:49+02:00
Record fix from 2.3.4 for CVE-2026-41140

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -228,7 +228,8 @@ CVE-2026-41140 (Poetry is a dependency manager for Python. Prior to 2.3.4, the e
 	- poetry <unfixed>
 	[trixie] - poetry <not-affected> (Trixie ships Python 3.13)
 	NOTE: https://github.com/python-poetry/poetry/security/advisories/GHSA-73h3-mf4w-8647
-	NOTE: https://github.com/python-poetry/poetry/commit/47e97340cae50d3698aac858732788861ba8dd1f
+	NOTE: Fixed by: https://github.com/python-poetry/poetry/commit/47e97340cae50d3698aac858732788861ba8dd1f (main)
+	NOTE: Fixed by: https://github.com/python-poetry/poetry/commit/e512e7fc5557251c7c9c59d0029506e77db1ea18 (2.3.4)
 CVE-2026-41079 (OpenPrinting CUPS is an open source printing system for Linux and othe ...)
 	- cups 2.4.17-1
 	NOTE: https://github.com/OpenPrinting/cups/security/advisories/GHSA-6wpw-g8g6-wvrv



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8113ebe77bde58836f2e42105ba75daed8e6c406

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8113ebe77bde58836f2e42105ba75daed8e6c406
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260425/4a852d92/attachment.htm>