[Git][security-tracker-team/security-tracker][master] mpd fixed in sid

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Jun 1 22:30:30 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9677eb35 by Moritz Muehlenhoff at 2026-06-01T23:29:36+02:00
mpd fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1929,25 +1929,25 @@ CVE-2026-49299 (In OpenStack Neutron before 28.0.1, the tagging controller enfor
 	[bullseye] - neutron <postponed> (Minor issue; can be fixed with next upload)
 	NOTE: https://security.openstack.org/ossa/OSSA-2026-016.html
 CVE-2026-49130 (Music Player Daemon (MPD) before version 0.24.11 contains a CRLF injec ...)
-	- mpd <unfixed> (bug #1138215)
+	- mpd 0.24.12-1 (bug #1138215)
 	[trixie] - mpd <no-dsa> (Minor issue)
 	[bookworm] - mpd <no-dsa> (Minor issue)
 	NOTE: https://github.com/MusicPlayerDaemon/MPD/issues/2483
 	NOTE: Fixed by: https://github.com/MusicPlayerDaemon/MPD/commit/855085b35c67dddeef0652e2cb3ac8cdd4f457b7 (v0.24.11)
 CVE-2026-49129 (Music Player Daemon (MPD) before version 0.24.11 contains a server-sid ...)
-	- mpd <unfixed> (bug #1138215)
+	- mpd 0.24.12-1 (bug #1138215)
 	[trixie] - mpd <no-dsa> (Minor issue)
 	[bookworm] - mpd <no-dsa> (Minor issue)
 	NOTE: https://github.com/MusicPlayerDaemon/MPD/issues/2487
 	NOTE: Fixed by: https://github.com/MusicPlayerDaemon/MPD/commit/78341dd6c7b101c3feede233d4cc4f8f1fcc4bb3 (v0.24.11)
 CVE-2026-49128 (Music Player Daemon (MPD) before version 0.24.11 contains a path trave ...)
-	- mpd <unfixed> (bug #1138215)
+	- mpd 0.24.12-1 (bug #1138215)
 	[trixie] - mpd <no-dsa> (Minor issue)
 	[bookworm] - mpd <no-dsa> (Minor issue)
 	NOTE: https://github.com/MusicPlayerDaemon/MPD/issues/2484
 	NOTE: Fixed by: https://github.com/MusicPlayerDaemon/MPD/commit/0b5315b9e5a42cb0e88bf46a7579bb5641543f60 (v0.24.11)
 CVE-2026-49127 (Music Player Daemon (MPD) before version 0.24.11 contains a stack buff ...)
-	- mpd <unfixed> (bug #1138215)
+	- mpd 0.24.12-1 (bug #1138215)
 	[trixie] - mpd <no-dsa> (Minor issue)
 	[bookworm] - mpd <no-dsa> (Minor issue)
 	NOTE: https://github.com/MusicPlayerDaemon/MPD/issues/2485



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9677eb35f73afc66b66a89354069f1486f610a70

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9677eb35f73afc66b66a89354069f1486f610a70
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260601/2766b95f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list