[Git][security-tracker-team/security-tracker][master] Adjust reference to upstream commit for CVE-2026-25727
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Feb 6 22:16:59 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1e33cc90 by Salvatore Bonaccorso at 2026-02-06T23:15:26+01:00
Adjust reference to upstream commit for CVE-2026-25727
The advisory was about parsing with the RFC 2822 format and the patches
adding a limit to the depth of recursion.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -224,7 +224,7 @@ CVE-2026-25727 (time provides date and time handling in Rust. From 0.3.6 to befo
[bookworm] - rust-time <no-dsa> (Minor issue)
NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0009.html
NOTE: https://github.com/advisories/GHSA-r6v5-fh4h-64xc
- NOTE: https://github.com/time-rs/time/commit/f6206b050fd54817d8872834b4d61f605570e89b (v0.3.47)
+ NOTE: Fixed by: https://github.com/time-rs/time/commit/1c63dc7985b8fa26bd8c689423cc56b7a03841ee (v0.3.47)
CVE-2026-XXXX [RUSTSEC-2026-0008]
- rust-git2 <unfixed> (bug #1127315)
[trixie] - rust-git2 <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e33cc90f21881046f0a394f3a4349c11d0e15fc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e33cc90f21881046f0a394f3a4349c11d0e15fc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260206/838c99c3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list