[Git][security-tracker-team/security-tracker][master] Fix some notes

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b3d0a089 by Salvatore Bonaccorso at 2026-01-23T16:27:21+01:00
Fix some notes

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -317,7 +317,7 @@ CVE-2026-23996 (FastAPI Api Key provides a backend-agnostic library that provide
 CVE-2026-23992 (go-tuf is a Go implementation of The Update Framework (TUF). Starting  ...)
 	- golang-github-theupdateframework-go-tuf <unfixed>
 	NOTE: https://github.com/theupdateframework/go-tuf/security/advisories/GHSA-fphv-w9fq-2525
-	NOTE: Fixed by; https://github.com/theupdateframework/go-tuf/commit/b38d91fdbc69dfe31fe9230d97dafe527ea854a0 (v2.3.1)
+	NOTE: Fixed by: https://github.com/theupdateframework/go-tuf/commit/b38d91fdbc69dfe31fe9230d97dafe527ea854a0 (v2.3.1)
 CVE-2026-23991 (go-tuf is a Go implementation of The Update Framework (TUF). Starting  ...)
 	- golang-github-theupdateframework-go-tuf <unfixed>
 	NOTE: https://github.com/theupdateframework/go-tuf/security/advisories/GHSA-846p-jg2w-w324
@@ -5366,7 +5366,7 @@ CVE-2026-22702 (virtualenv is a tool for creating isolated virtual python enviro
 	[bookworm] - python-virtualenv <no-dsa> (Minor issue)
 	NOTE: https://github.com/pypa/virtualenv/security/advisories/GHSA-597g-3phw-6986
 	NOTE: https://github.com/pypa/virtualenv/pull/3013
-	NOTE: Fixed by; https://github.com/pypa/virtualenv/commit/dec4cec5d16edaf83a00a658f32d1e032661cebc (20.36.1)
+	NOTE: Fixed by: https://github.com/pypa/virtualenv/commit/dec4cec5d16edaf83a00a658f32d1e032661cebc (20.36.1)
 CVE-2026-22701 (filelock is a platform-independent file lock for Python. Prior to vers ...)
 	- python-filelock <unfixed> (bug #1125190)
 	[trixie] - python-filelock <no-dsa> (Minor issue)
@@ -5407,7 +5407,7 @@ CVE-2026-22690 (pypdf is a free and open-source pure-python PDF library. Prior t
 	[bullseye] - pypdf2 <postponed> (Minor issue)
 	NOTE: https://github.com/py-pdf/pypdf/security/advisories/GHSA-4xc4-762w-m6cg
 	NOTE: https://github.com/py-pdf/pypdf/pull/3594
-	NOTE: Fixed by; https://github.com/py-pdf/pypdf/commit/294165726b646bb7799be1cc787f593f2fdbcf45 (6.6.0)
+	NOTE: Fixed by: https://github.com/py-pdf/pypdf/commit/294165726b646bb7799be1cc787f593f2fdbcf45 (6.6.0)
 CVE-2026-22689 (Mailpit is an email testing tool and API for developers. Prior to vers ...)
 	NOT-FOR-US: Mailpit
 CVE-2026-22688 (WeKnora is an LLM-powered framework designed for deep document underst ...)
@@ -145261,7 +145261,7 @@ CVE-2024-48992 (Qualys discovered that needrestart, before version 3.8, allows l
 	{DSA-5815-1 DLA-3957-1}
 	- needrestart 3.7-3.1
 	NOTE: https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
-	NOTE: Fixed by; https://github.com/liske/needrestart/commit/b5f25f6ec6e7dd0c5be249e4e45de4ee9ffe594f (v3.8)
+	NOTE: Fixed by: https://github.com/liske/needrestart/commit/b5f25f6ec6e7dd0c5be249e4e45de4ee9ffe594f (v3.8)
 CVE-2024-48991 (Qualys discovered that needrestart, before version 3.8, allows local a ...)
 	{DSA-5815-1 DLA-3957-1}
 	- needrestart 3.7-3.1
@@ -162908,7 +162908,7 @@ CVE-2024-8949 (A vulnerability classified as critical has been found in SourceCo
 CVE-2024-8948 (A vulnerability was found in MicroPython 1.23.0. It has been rated as  ...)
 	- micropython 1.24.0+ds-1 (bug #1082511)
 	NOTE: https://github.com/micropython/micropython/issues/13041
-	NOTE: Fixed by; https://github.com/micropython/micropython/commit/908ab1ceca15ee6fd0ef82ca4cba770a3ec41894 (v1.24.0)
+	NOTE: Fixed by: https://github.com/micropython/micropython/commit/908ab1ceca15ee6fd0ef82ca4cba770a3ec41894 (v1.24.0)
 CVE-2024-8947 (A vulnerability was found in MicroPython 1.22.2. It has been declared  ...)
 	- micropython 1.24.0+ds-1 (bug #1082511)
 	NOTE: https://github.com/micropython/micropython/issues/13283
@@ -380546,7 +380546,7 @@ CVE-2021-45845 (The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS
 CVE-2021-45844 (Improper sanitization in the invocation of ODA File Converter from Fre ...)
 	{DSA-5229-1 DLA-3076-1 DLA-2934-1}
 	- freecad 0.19.4+dfsg1-1 (bug #1005747)
-	NOTE: Fixed by; https://github.com/FreeCAD/FreeCAD/commit/1742d7ff82af1653253c4a4183c262c9af3b26d6 (master)
+	NOTE: Fixed by: https://github.com/FreeCAD/FreeCAD/commit/1742d7ff82af1653253c4a4183c262c9af3b26d6 (master)
 	NOTE: Fixed by: https://github.com/FreeCAD/FreeCAD/commit/ad6977f940d3e64d78a4367452d9a338ad43fa1c (0.19.4)
 	NOTE: https://tracker.freecad.org/view.php?id=4809
 CVE-2021-45843 (glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting (X ...)
@@ -389883,7 +389883,7 @@ CVE-2021-43453 (A Heap-based Buffer Overflow vulnerability exists in JerryScript
 	[buster] - iotjs <no-dsa> (Minor issue)
 	NOTE: https://github.com/jerryscript-project/jerryscript/pull/4808
 	NOTE: https://github.com/jerryscript-project/jerryscript/issues/4754
-	NOTE: Fixed by; https://github.com/jerryscript-project/jerryscript/commit/efe63a5bbc5106164a08ee2eb415a7a701f5311f
+	NOTE: Fixed by: https://github.com/jerryscript-project/jerryscript/commit/efe63a5bbc5106164a08ee2eb415a7a701f5311f
 CVE-2021-43452
 	RESERVED
 CVE-2021-43451 (SQL Injection vulnerability exists in PHPGURUKUL Employee Record Manag ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3d0a089d87c9478d88704060d2155c0e1174356

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3d0a089d87c9478d88704060d2155c0e1174356
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260123/05d71567/attachment.htm>