[Git][security-tracker-team/security-tracker][master] Update status for rust-pyo3 issue
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Apr 26 12:46:58 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8d1ade94 by Salvatore Bonaccorso at 2026-04-26T13:46:26+02:00
Update status for rust-pyo3 issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33911,9 +33911,10 @@ CVE-2019-25402 (Comodo Dome Firewall 2.7.0 contains a reflected cross-site scrip
NOT-FOR-US: Comodo Dome Firewall
CVE-2026-XXXX [RUSTSEC-2026-0013]
- rust-pyo3 <unfixed>
- [trixie] - rust-pyo3 <no-dsa> (Minor issue)
- [bookworm] - rust-pyo3 <no-dsa> (Minor issue)
+ [trixie] - rust-pyo3 <not-affected> (Vulnerable code not present)
+ [bookworm] - rust-pyo3 <not-affected> (Vulnerable code not present)
NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0013.html
+ NOTE: Fixed by: https://github.com/PyO3/pyo3/commit/75abd8602896b350fd8c778e52e0a74b4644ccca (v0.28.2)
CVE-2026-27206 (Zumba Json Serializer is a library to serialize PHP variables in JSON ...)
- php-zumba-json-serializer 3.2.4-1 (bug #1128481)
[trixie] - php-zumba-json-serializer <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d1ade94e81fd1b56917e42f71ed6451754e162f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d1ade94e81fd1b56917e42f71ed6451754e162f
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260426/85ecc6a2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list