[Git][security-tracker-team/security-tracker][master] Mark CVE-2026-34871/mbedtls as unimportant

Adrian Bunk (@bunk) bunk at debian.org
Thu Apr 30 14:02:06 BST 2026 


Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab5f834d by Adrian Bunk at 2026-04-30T16:01:31+03:00
Mark CVE-2026-34871/mbedtls as unimportant

Builds using Glibc or uClibc, running on a kernel where getrandom()
is available, are safe.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15189,8 +15189,9 @@ CVE-2026-34874 (An issue was discovered in Mbed TLS through 3.6.5 and 4.x throug
 	NOTE: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-null-pointer-dereference-x509/
 CVE-2026-34871 (An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0  ...)
 	{DLA-4551-1}
-	- mbedtls <unfixed> (bug #1132577)
+	- mbedtls <unfixed> (bug #1132577; unimportant)
 	NOTE: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-dev-random/
+	NOTE: Builds using Glibc or uClibc, running on a kernel where getrandom() is available, are safe.
 CVE-2026-34751 (Payload is a free and open source headless content management system.  ...)
 	NOT-FOR-US: Payload CMS
 CVE-2026-34604 (Tina is a headless content management system. Prior to version 2.2.2,  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab5f834d1eb1a37342c57853b7386968c5e453fd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab5f834d1eb1a37342c57853b7386968c5e453fd
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260430/b833a60b/attachment.htm>

More information about the debian-security-tracker-commits mailing list