[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-23949/jaraco.context

Wed Jan 21 15:48:46 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7fd8b95e by Salvatore Bonaccorso at 2026-01-21T16:48:37+01:00
Update status for CVE-2026-23949/jaraco.context

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -484,7 +484,9 @@ CVE-2026-23950 (node-tar,a Tar for Node.js, has a race condition vulnerability i
 	NOTE: Only an issue on case-insensitive filesystems, which are a very poor choice for a Nodejs deployment to begin with
 CVE-2026-23949 (jaraco.context, an open-source software package that provides some use ...)
 	- jaraco.context <unfixed>
+	[bookworm] - jaraco.context <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/jaraco/jaraco.context/security/advisories/GHSA-58pv-8j8x-9vj2
+	NOTE: Introduced with: https://github.com/jaraco/jaraco.context/commit/e13fc7f2b379683c326153a3d6f4d2800f812fd0 (v5.2.0)
 	NOTE: Fixed by: https://github.com/jaraco/jaraco.context/commit/7b26a42b525735e4085d2e994e13802ea339d5f9 (v6.1.0)
 CVE-2026-23947 (Orval generates type-safe JS clients (TypeScript) from any valid OpenA ...)
 	NOT-FOR-US: Orval



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fd8b95eb7f8f94c6461fc8dfabaf05dc511a033

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fd8b95eb7f8f94c6461fc8dfabaf05dc511a033
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260121/23bae7b3/attachment.htm>
