[Git][security-tracker-team/security-tracker][master] 2 commits: lts: triage gradle issues as no-dsa
Emilio Pozuelo Monfort (@pochu)
pochu at debian.org
Mon Jan 19 15:43:51 GMT 2026
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
74124273 by Emilio Pozuelo Monfort at 2026-01-19T16:43:38+01:00
lts: triage gradle issues as no-dsa
- - - - -
cd45cf71 by Emilio Pozuelo Monfort at 2026-01-19T16:43:40+01:00
lts: triage CVE-2025-56226/libsndfile as n/a on bullseye
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -153,11 +153,13 @@ CVE-2026-22865 (Gradle is a build automation tool, and its native-platform tool
- gradle <unfixed>
[trixie] - gradle <no-dsa> (Minor issue)
[bookworm] - gradle <no-dsa> (Minor issue)
+ [bullseye] - gradle <no-dsa> (Minor issue)
NOTE: https://github.com/gradle/gradle/security/advisories/GHSA-mqwm-5m85-gmcv
CVE-2026-22816 (Gradle is a build automation tool, and its native-platform tool provid ...)
- gradle <unfixed>
[trixie] - gradle <no-dsa> (Minor issue)
[bookworm] - gradle <no-dsa> (Minor issue)
+ [bullseye] - gradle <no-dsa> (Minor issue)
NOTE: https://github.com/gradle/gradle/security/advisories/GHSA-w78c-w6vf-rw82
NOTE: Fixed by: https://github.com/gradle/gradle/commit/e5707d0d8fce3d768c9c489004700d78eab1773a (v9.3.0-RC2)
CVE-2026-21223 (Microsoft Edge Elevation Service exposes a privileged COM interface th ...)
@@ -1249,6 +1251,7 @@ CVE-2025-56226 (Libsndfile <=1.2.2 contains a memory leak vulnerability in the m
- libsndfile <unfixed> (bug #1125674)
[trixie] - libsndfile <no-dsa> (Minor issue)
[bookworm] - libsndfile <no-dsa> (Minor issue)
+ [bullseye] - libsndfile <not-affected> (MPEG encoder introduced later)
NOTE: https://github.com/libsndfile/libsndfile/issues/1089
NOTE: Fixed by: https://github.com/libsndfile/libsndfile/commit/d9a35ea0d5c64c19dd635ae578e0028df8f66d6a
CVE-2025-37185 (Vulnerabilities in the web-based management interface of EdgeConnect S ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/89c17896cc0dd39f4a318bb39ceca8dcb499e66e...cd45cf71f8f4f70e83c2865c141f83e1269cb3ff
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/89c17896cc0dd39f4a318bb39ceca8dcb499e66e...cd45cf71f8f4f70e83c2865c141f83e1269cb3ff
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260119/70ae446e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list