[Git][security-tracker-team/security-tracker][master] Reserve DLA-4553-1 for policykit-1

Andreas Henriksson (@ah) gitlab at salsa.debian.org
Wed Apr 29 10:38:59 BST 2026 


Andreas Henriksson pushed to branch master at Debian Security Tracker / security-tracker


Commits:
67ae8bd3 by Andreas Henriksson at 2026-04-29T11:38:52+02:00
Reserve DLA-4553-1 for policykit-1

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -429786,7 +429786,6 @@ CVE-2021-4116 (yetiforcecrm is vulnerable to Improper Neutralization of Input Du
 CVE-2021-4115 (There is a flaw in polkit which can allow an unprivileged user to caus ...)
 	[experimental] - policykit-1 0.120-6
 	- policykit-1 0.105-32 (bug #1005784)
-	[bullseye] - policykit-1 <no-dsa> (Minor issue)
 	[buster] - policykit-1 <not-affected> (Vulnerable code not present, patch introducing issue not backported)
 	[stretch] - policykit-1 <not-affected> (Vulnerable code not present, patch introducing issue not backported)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2007534


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[29 Apr 2026] DLA-4553-1 policykit-1 - security update
+	{CVE-2021-4115 CVE-2026-4897}
+	[bullseye] - policykit-1 0.105-31+deb11u2
 [29 Apr 2026] DLA-4552-1 node-tar - security update
 	{CVE-2024-28863 CVE-2026-23745 CVE-2026-24842 CVE-2026-26960 CVE-2026-29786 CVE-2026-31802}
 	[bullseye] - node-tar 6.0.5+ds1+~cs11.3.9-1+deb11u3


=====================================
data/dla-needed.txt
=====================================
@@ -452,9 +452,6 @@ php-phpseclib (utkarsh)
   NOTE: 20260327: Added by Front-Desk (Beuc)
   NOTE: 20260327: Upcoming DSA; fix also the postponed issue (Beuc/front-desk)
 --
-policykit-1 (ah)
-  NOTE: 20260403: Added by Front-Desk (ta)
---
 pyasn1 (eamanu)
   NOTE: 20260402: Added by Front-Desk (ta)
   NOTE: 20260409: Package is ready for review.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67ae8bd321e343115fbb638da23a989f361ed84f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67ae8bd321e343115fbb638da23a989f361ed84f
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260429/6efc5d37/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list