[Git][security-tracker-team/security-tracker][master] Add two new gegl issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5002fbc1 by Salvatore Bonaccorso at 2026-02-16T19:25:02+01:00
Add two new gegl issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,14 @@
+CVE-2026-2050 [ZDI-CAN-28266: New Vulnerability Report at rgbe.c]
+	- gegl <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/gegl/-/issues/446
+	NOTE: https://gitlab.gnome.org/GNOME/gegl/-/merge_requests/241
+	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gegl/-/commit/d32f1badb4bde1d6e8137f687d9ee1195768d4ed
+CVE-2026-2049 [ZDI-CAN-28618: New Vulnerability Report at rgbe.c]
+	- gegl <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/gegl/-/issues/450
+	NOTE: https://gitlab.gnome.org/GNOME/gegl/-/merge_requests/241
+	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gegl/-/commit/d32f1badb4bde1d6e8137f687d9ee1195768d4ed
+	NOTE: Same fix as for CVE-2026-2050 (main tracked upstream, considered duplicate)
 CVE-2026-XXXX [telnetd: don't allow systemd service credentials]
 	- inetutils 2:2.7-3
 	[bookworm] - inetutils <ignored> (Not exploitable with util-linux/login Version in Debian bookworm)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5002fbc1aa65ab48762c4c8ad8fa0fa20a543a0b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5002fbc1aa65ab48762c4c8ad8fa0fa20a543a0b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260216/e8206b3b/attachment.htm>