[Git][security-tracker-team/security-tracker][master] CVE-2025-15281,CVE-2026-0861,CVE-2026-0915/glibc: bullseye postponed

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Fri Jan 30 09:16:14 GMT 2026 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
54f4d14c by Sylvain Beucler at 2026-01-30T10:15:48+01:00
CVE-2025-15281,CVE-2026-0861,CVE-2026-0915/glibc: bullseye postponed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4199,6 +4199,7 @@ CVE-2025-15281 (Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND
 	- glibc 2.42-11 (bug #1126266)
 	[trixie] - glibc <no-dsa> (Minor issue)
 	[bookworm] - glibc <no-dsa> (Minor issue)
+	[bullseye] - glibc <postponed> (Minor issue, unlikely scenario)
 	NOTE: https://www.openwall.com/lists/oss-security/2026/01/20/3
 	NOTE: Introduced with: https://sourceware.org/git/?p=glibc.git;a=commit;h=8f2ece695d8822e9ecc63ecd157e90bf17a6fe65 (glibc-2.0.92)
 	NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=80cc58ea2de214f85b0a1d902a3b668ad2ecb302 (glibc-2.43)
@@ -5064,6 +5065,7 @@ CVE-2026-0915 (Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch
 	- glibc 2.42-8 (bug #1125748)
 	[trixie] - glibc <no-dsa> (Minor issue)
 	[bookworm] - glibc <no-dsa> (Minor issue)
+	[bullseye] - glibc <postponed> (Minor issue, high attack complexity)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=33802
 	NOTE: https://www.openwall.com/lists/oss-security/2026/01/16/6
 	NOTE: Introduced with: https://sourceware.org/git/?p=glibc.git;a=commit;h=5f0e6fc702296840d2daa39f83f6cb1e40073d58 (glibc-1.93)
@@ -5648,6 +5650,7 @@ CVE-2026-0861 (Passing too large an alignment to the memalign suite of functions
 	- glibc 2.42-8 (bug #1125678)
 	[trixie] - glibc <no-dsa> (Minor issue)
 	[bookworm] - glibc <no-dsa> (Minor issue)
+	[bullseye] - glibc <postponed> (Minor issue, unlikely scenario)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=33796
 	NOTE: https://www.openwall.com/lists/oss-security/2026/01/16/5
 	NOTE: Introduced with: https://sourceware.org/git/?p=glibc.git;a=commit;h=9bf8e29ca136094f73f69f725f15c51facc97206 (glibc-2.30)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54f4d14cdae4d59e8ec8fd2ed3d00aea89c80ffa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54f4d14cdae4d59e8ec8fd2ed3d00aea89c80ffa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260130/6f32da28/attachment.htm>

More information about the debian-security-tracker-commits mailing list