[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jan 6 07:38:25 GMT 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
31304269 by Moritz Muehlenhoff at 2026-01-06T08:37:41+01:00
trixie/bookworm triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -290,6 +290,8 @@ CVE-2025-XXXX [RUSTSEC-2025-0140]
 	NOTE: https://github.com/GitoxideLabs/gitoxide/issues/2305
 CVE-2026-XXXX [RUSTSEC-2026-0001]
 	- rust-rkyv <unfixed> (bug #1124688)
+	[trixie] - rust-rkyv <no-dsa> (Minor issue)
+	[bookworm] - rust-rkyv <no-dsa> (Minor issue)
 	NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0001.html
 	NOTE: https://github.com/rkyv/rkyv/issues/644
 	NOTE: https://github.com/rkyv/rkyv/commit/b48a86e8b55cb01f8749483910a86bacd0a1d028
@@ -4335,6 +4337,8 @@ CVE-2025-15127 (A security vulnerability has been detected in FantasticLBP Hotel
 	NOT-FOR-US: FantasticLBP Hotels_Server
 CVE-2025-68972 (In GnuPG through 2.4.8, if a signed message has \f at the end of a pla ...)
 	- gnupg2 <unfixed> (bug #1124220)
+	[trixie] - gnupg2 <no-dsa> (Minor issue)
+	[bookworm] - gnupg2 <no-dsa> (Minor issue)
 	NOTE: https://gpg.fail/formfeed
 CVE-2025-15126 (A weakness has been identified in JeecgBoot up to 3.9.0. Affected by t ...)
 	NOT-FOR-US: JeecgBoot


=====================================
data/dsa-needed.txt
=====================================
@@ -53,6 +53,8 @@ php8.2/oldstable (jmm)
 --
 php-laravel-framework/oldstable
 --
+python-aiohttp
+--
 python-django
 --
 python-urllib3 (carnil)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31304269526a55c834dfbb7b284b7561fc2e8a66

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31304269526a55c834dfbb7b284b7561fc2e8a66
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260106/c8694dc5/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list