[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sun Jan 18 18:48:20 GMT 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
684b4abf by Moritz Muehlenhoff at 2026-01-18T19:46:37+01:00
trixie/bookworm triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -168,6 +168,8 @@ CVE-2026-23634 (Pepr is a type safe K8s middleware. Prior to 1.0.5 , Pepr defaul
NOT-FOR-US: Pepr
CVE-2026-23535 (wlc is a Weblate command-line client using Weblate's REST API. Prior t ...)
- wlc <unfixed> (bug #1125755)
+ [trixie] - wlc <no-dsa> (Minor issue)
+ [bookworm] - wlc <no-dsa> (Minor issue)
NOTE: https://github.com/WeblateOrg/wlc/security/advisories/GHSA-mmwx-79f6-67jg
NOTE: https://github.com/WeblateOrg/wlc/pull/1128
NOTE: Fixed by: https://github.com/WeblateOrg/wlc/commit/216e691c6e50abae97fe2e4e4f21501bf49a585f (1.17.2)
@@ -2722,6 +2724,8 @@ CVE-2024-14021 (LlamaIndex (run-llama/llama_index) versions up to and including
NOT-FOR-US: LlamaIndex (run-llama/llama_index)
CVE-2026-22801 (LIBPNG is a reference library for use in applications that read, creat ...)
- libpng1.6 <unfixed> (bug #1125444)
+ [trixie] - libpng1.6 <no-dsa> (Minor issue)
+ [bookworm] - libpng1.6 <no-dsa> (Minor issue)
NOTE: https://github.com/pnggroup/libpng/security/advisories/GHSA-vgjq-8cw5-ggw8
NOTE: Fixed by: https://github.com/pnggroup/libpng/commit/cf155de014fc6c5cb199dd681dd5c8fb70429072
CVE-2026-22695 (LIBPNG is a reference library for use in applications that read, creat ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -53,6 +53,8 @@ php8.2/oldstable (jmm)
--
php-laravel-framework/oldstable
--
+pyasn1
+--
python-aiohttp
--
python-django
@@ -80,7 +82,7 @@ tomcat11/stable (apo)
--
usbmuxd (corsac)
--
-wireshark
+wireshark (jmm)
--
zabbix/oldstable
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/684b4abf76d98b5e4fa212b9cc08479f817bd501
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/684b4abf76d98b5e4fa212b9cc08479f817bd501
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260118/435eec58/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list