[Git][security-tracker-team/security-tracker][master] new libpng1.6 issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Jan 13 07:58:06 GMT 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d69111f0 by Moritz Muehlenhoff at 2026-01-13T08:57:40+01:00
new libpng1.6 issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,14 @@
+CVE-2026-22801
+ - libpng1.6 <unfixed>
+ NOTE: https://github.com/pnggroup/libpng/security/advisories/GHSA-vgjq-8cw5-ggw8
+ NOTE: Fixed by: https://github.com/pnggroup/libpng/commit/cf155de014
+CVE-2026-22695
+ - libpng1.6 <unfixed>
+ NOTE: https://github.com/pnggroup/libpng/security/advisories/GHSA-mmq5-27w3-rxpp
+ NOTE: Introduced by: https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea (v1.6.51)
+ NOTE: Fixed by: https://github.com/pnggroup/libpng/commit/e4f7ad4ea2
+ NOTE: Introducing fix for CVE-2025-65018 got backported into older suites
+ NOTE: https://github.com/pnggroup/libpng/issues/778
CVE-2026-0665 [qemu: Heap off-by-one in KVM Xen PHYSDEVOP_map_pirq]
- qemu <unfixed>
NOTE: https://lore.kernel.org/qemu-devel/13FE03BE60EA78D6+20260109023548.4047-1-vr@darknavy.com/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d69111f03889081fb2cb64065224d65501134ebf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d69111f03889081fb2cb64065224d65501134ebf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260113/db24ebd7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list