[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-21876/modsecurity-crs via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jan 19 20:49:23 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a3e19ae0 by Salvatore Bonaccorso at 2026-01-19T21:48:44+01:00
Track fixed version for CVE-2026-21876/modsecurity-crs via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3782,7 +3782,7 @@ CVE-2026-21885 (Miniflux 2 is an open source feed reader. Prior to version 2.2.1
NOTE: https://github.com/miniflux/v2/security/advisories/GHSA-xwh2-742g-w3wp
NOTE: Fixed by: https://github.com/miniflux/v2/commit/6c83e8c477b4d476aee5fbb87e47472c9ded01de (v2.2.16)
CVE-2026-21876 (The OWASP core rule set (CRS) is a set of generic attack detection rul ...)
- - modsecurity-crs <unfixed> (bug #1125084)
+ - modsecurity-crs 3.3.8-1 (bug #1125084)
NOTE: https://github.com/coreruleset/coreruleset/security/advisories/GHSA-36fv-25j3-r2c5
NOTE: Fixed by (merge): https://github.com/coreruleset/coreruleset/commit/80d80473abf71bd49bf6d3c1ab221e3c74e4eb83 (v3.3.8)
NOTE: Fixed by (merge): https://github.com/coreruleset/coreruleset/commit/9917985de09a6cf38b3261faf9105e909d67a7d6 (v4.22.0)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3e19ae032b6b6aca2ce32b6a3cc75d019aa37d8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3e19ae032b6b6aca2ce32b6a3cc75d019aa37d8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260119/5c6d506d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list