[Git][security-tracker-team/security-tracker][master] glibc: add git tags

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Thu Jan 29 16:21:48 GMT 2026 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c7f2df95 by Sylvain Beucler at 2026-01-29T17:20:55+01:00
glibc: add git tags

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3879,8 +3879,8 @@ CVE-2025-15281 (Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND
 	[trixie] - glibc <no-dsa> (Minor issue)
 	[bookworm] - glibc <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2026/01/20/3
-	NOTE: Introduced with: https://sourceware.org/git/?p=glibc.git;a=commit;h=8f2ece695d8822e9ecc63ecd157e90bf17a6fe65
-	NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=80cc58ea2de214f85b0a1d902a3b668ad2ecb302
+	NOTE: Introduced with: https://sourceware.org/git/?p=glibc.git;a=commit;h=8f2ece695d8822e9ecc63ecd157e90bf17a6fe65 (glibc-2.0.92)
+	NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=80cc58ea2de214f85b0a1d902a3b668ad2ecb302 (glibc-2.43)
 CVE-2026-22022 (Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "R ...)
 	- lucene-solr <not-affected> (Vulnerable code introduced later)
 CVE-2026-22444 (The "create core" API of Apache Solr 8.6 through 9.10.0 lacks sufficie ...)
@@ -4745,8 +4745,8 @@ CVE-2026-0915 (Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch
 	[bookworm] - glibc <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=33802
 	NOTE: https://www.openwall.com/lists/oss-security/2026/01/16/6
-	NOTE: Introduced with: https://sourceware.org/git/?p=glibc.git;a=commit;h=5f0e6fc702296840d2daa39f83f6cb1e40073d58
-	NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=e56ff82d5034ec66c6a78f517af6faa427f65b0b
+	NOTE: Introduced with: https://sourceware.org/git/?p=glibc.git;a=commit;h=5f0e6fc702296840d2daa39f83f6cb1e40073d58 (glibc-1.93)
+	NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=e56ff82d5034ec66c6a78f517af6faa427f65b0b (glibc-2.43)
 CVE-2026-0858 (Versions of the package net.sourceforge.plantuml:plantuml before 1.202 ...)
 	- plantuml <unfixed> (bug #1125750)
 	[trixie] - plantuml <no-dsa> (Minor issue)
@@ -5330,7 +5330,7 @@ CVE-2026-0861 (Passing too large an alignment to the memalign suite of functions
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=33796
 	NOTE: https://www.openwall.com/lists/oss-security/2026/01/16/5
 	NOTE: Introduced with: https://sourceware.org/git/?p=glibc.git;a=commit;h=9bf8e29ca136094f73f69f725f15c51facc97206 (glibc-2.30)
-	NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=c9188d333717d3ceb7e3020011651f424f749f93
+	NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=c9188d333717d3ceb7e3020011651f424f749f93 (glibc-2.43)
 CVE-2026-0601 (A reflected cross-site scripting vulnerability exists in Nexus Reposit ...)
 	NOT-FOR-US: Sonatype
 CVE-2026-0600 (Server-Side Request Forgery (SSRF) vulnerability in Sonatype Nexus Rep ...)
@@ -68897,8 +68897,8 @@ CVE-2025-8058 (The regcomp function in the GNU C library version from 2.4 to 2.4
 	[bullseye] - glibc <postponed> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=33185
 	NOTE: https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2025-0005
-	NOTE: Introduced with: https://sourceware.org/git/?p=glibc.git;a=commit;h=963d8d782fc98fb6dc3a66f0068795f9920c269d
-	NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=7ea06e994093fa0bcca0d0ee2c1db271d8d7885d
+	NOTE: Introduced with: https://sourceware.org/git/?p=glibc.git;a=commit;h=963d8d782fc98fb6dc3a66f0068795f9920c269d (glibc-2.4)
+	NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=7ea06e994093fa0bcca0d0ee2c1db271d8d7885d (glibc-2.42)
 CVE-2025-8022
 	REJECTED
 CVE-2025-8021 (All versions of the package files-bucket-server are vulnerable to Dire ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7f2df95cbe9a47cebc60b28fcf98de7a92b6680

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7f2df95cbe9a47cebc60b28fcf98de7a92b6680
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260129/c06b0048/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list