[Git][security-tracker-team/security-tracker][master] Track fixed version for two rekor issues fixed via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Feb 5 04:47:52 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e0dbcc21 by Salvatore Bonaccorso at 2026-02-05T05:46:15+01:00
Track fixed version for two rekor issues fixed via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4565,11 +4565,11 @@ CVE-2025-14069 (The Schema & Structured Data for WP & AMP plugin for WordPress i
CVE-2024-11976 (The The BuddyPress plugin for WordPress is vulnerable to arbitrary sho ...)
NOT-FOR-US: WordPress plugin
CVE-2026-24117 (Rekor is a software supply chain transparency log. In versions 1.4.3 a ...)
- - rekor <unfixed> (bug #1126276)
+ - rekor 1.5.0-1 (bug #1126276)
NOTE: https://github.com/sigstore/rekor/security/advisories/GHSA-4c4x-jm2x-pf9j
NOTE: Fixed by: https://github.com/sigstore/rekor/commit/60ef2bceba192c5bf9327d003bceea8bf1f8275f (v1.5.0)
CVE-2026-23831 (Rekor is a software supply chain transparency log. In versions 1.4.3 a ...)
- - rekor <unfixed> (bug #1126275)
+ - rekor 1.5.0-1 (bug #1126275)
NOTE: https://github.com/sigstore/rekor/security/advisories/GHSA-273p-m2cw-6833
NOTE: Fixed by: https://github.com/sigstore/rekor/commit/39bae3d192bce48ef4ef2cbd1788fb5770fee8cd (v1.5.0)
CVE-2026-24390 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0dbcc2170b47ef9af94bff5d37a1cae22eb29b5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0dbcc2170b47ef9af94bff5d37a1cae22eb29b5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260205/2bb0afb7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list