[Git][security-tracker-team/security-tracker][master] Add new suricata issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cf82881d by Salvatore Bonaccorso at 2026-01-27T22:41:38+01:00
Add new suricata issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -135,19 +135,45 @@ CVE-2026-23593 (A vulnerability in the web-based management interface of HPE Aru
 CVE-2026-23592 (Insecure file operations in HPE Aruba Networking Fabric Composer\xe2\u ...)
 	NOT-FOR-US: HPE
 CVE-2026-22264 (Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3  ...)
-	TODO: check
+	- suricata 1:8.0.3-1
+	NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-mqr8-m3m4-2hw5
+	NOTE: https://github.com/OISF/suricata/commit/549d7bf60616de8e54686a188196453b5b22f715 (suricata-8.0.3)
+	NOTE: https://github.com/OISF/suricata/commit/5789a3d3760dbf33d93fc56c27bd9529e5bdc8f2 (suricata-7.0.14)
 CVE-2026-22263 (Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0 ...)
-	TODO: check
+	- suricata 1:8.0.3-1
+	[trixie] - suricata <not-affected> (Vulnerable code not present)
+	[bookworm] - suricata <not-affected> (Vulnerable code not present)
+	[bullseye] - suricata <not-affected> (Vulnerable code not present)
+	NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7
+	NOTE: https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428 (suricata-8.0.3)
 CVE-2026-22262 (Suricata is a network IDS, IPS and NSM engine. While saving a dataset  ...)
-	TODO: check
+	- suricata 1:8.0.3-1
+	NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-9qg5-2gwh-xp86
+	NOTE: https://github.com/OISF/suricata/commit/32a1b9ae6aa80a60c073897e38a2ac6ea0f64521 (suricata-8.0.3)
+	NOTE: https://github.com/OISF/suricata/commit/d767dfadcd166f82683757818b9e46943326ac90 (suricata-8.0.3)
+	NOTE: https://github.com/OISF/suricata/commit/32609e6896f9079c175665a94005417cec7637eb (suricata-7.0.14)
+	NOTE: https://github.com/OISF/suricata/commit/27a2180bceaa3477419c78c54fce364398d011f1 (suricata-7.0.14)
 CVE-2026-22261 (Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 ...)
-	TODO: check
+	- suricata 1:8.0.3-1
+	NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-5jvg-5j3p-34cf
+	NOTE: https://github.com/OISF/suricata/commit/3f0725b34c7871c2de4346c8af872f10f4501e44 (suricata-8.0.3)
 CVE-2026-22260 (Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0 ...)
-	TODO: check
+	- suricata 1:8.0.3-1
+	[trixie] - suricata <not-affected> (Vulnerable code not present)
+	[bookworm] - suricata <not-affected> (Vulnerable code not present)
+	[bullseye] - suricata <not-affected> (Vulnerable code not present)
+	NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-3gm8-84cm-5x22
+	NOTE: https://github.com/OISF/suricata/commit/0dddac7278c8b9cf3c1e4c1c71e620a78ec1c185 (suricata-8.0.3)
 CVE-2026-22259 (Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 ...)
-	TODO: check
+	- suricata 1:8.0.3-1
+	NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-878h-2x6v-84q9
+	NOTE: https://github.com/OISF/suricata/commit/50cac2e2465ca211eabfa156623e585e9037bb7e (suricata-8.0.3)
+	NOTE: https://github.com/OISF/suricata/commit/63225d5f8ef64cc65164c0bb1800730842d54942 (suricata-7.0.14)
 CVE-2026-22258 (Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 ...)
-	TODO: check
+	- suricata 1:8.0.3-1
+	NOTE: https://github.com/OISF/suricata/security/advisories/GHSA-289c-h599-3xcx
+	NOTE: https://github.com/OISF/suricata/commit/39d8c302af3422a096b75474a4f295a754ec6a74 (suricata-8.0.3)
+	NOTE: https://github.com/OISF/suricata/commit/f82a388d0283725cb76782cf64e8341cab370830 (suricata-7.0.14)
 CVE-2026-22039 (Kyverno is a policy engine designed for cloud native platform engineer ...)
 	TODO: check
 CVE-2026-21721 (The dashboard permissions API does not verify the target dashboard sco ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf82881d9c8cf2cb72edc7501b5b2ab2f512f677

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf82881d9c8cf2cb72edc7501b5b2ab2f512f677
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260127/e60c9c8e/attachment.htm>