[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for two gvfs issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Feb 28 18:47:52 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
64a5b16e by Salvatore Bonaccorso at 2026-02-28T19:47:25+01:00
Track fixed version via unstable for two gvfs issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -555,7 +555,7 @@ CVE-2026-2677 (Reflected Cross-Site Scripting (XSS) on the A3factura web platfor
 CVE-2026-2244 (A vulnerability in Google Cloud Vertex AI Workbench from7/21/2025 to 0 ...)
 	NOT-FOR-US: Google Cloud Vertex AI Workbench
 CVE-2026-28296 (A flaw was found in the FTP GVfs backend. A remote attacker could expl ...)
-	- gvfs <unfixed> (bug #1129286)
+	- gvfs 1.59.90-1 (bug #1129286)
 	[trixie] - gvfs <no-dsa> (Minor issue)
 	[bookworm] - gvfs <no-dsa> (Minor issue)
 	NOTE: https://gitlab.gnome.org/GNOME/gvfs/-/issues/833
@@ -563,7 +563,7 @@ CVE-2026-28296 (A flaw was found in the FTP GVfs backend. A remote attacker coul
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gvfs/-/commit/2916e8deea297f300056265530c7ca3ea443775f (1.58.2)
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gvfs/-/commit/447ee8a32fe56529bf92c0a733f6d35e724c2689 (1.56.2)
 CVE-2026-28295 (A flaw was found in the FTP GVfs backend. A malicious FTP server can e ...)
-	- gvfs <unfixed> (bug #1129285)
+	- gvfs 1.59.90-1 (bug #1129285)
 	[trixie] - gvfs <no-dsa> (Minor issue)
 	[bookworm] - gvfs <no-dsa> (Minor issue)
 	NOTE: https://gitlab.gnome.org/GNOME/gvfs/-/issues/832



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64a5b16eb246b7f9cbd6348c4573b58182be6f4c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64a5b16eb246b7f9cbd6348c4573b58182be6f4c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260228/fd52dc17/attachment.htm>

More information about the debian-security-tracker-commits mailing list