[Git][security-tracker-team/security-tracker][master] Revert "krb5: CVE-2026-40355 and CVE-2026-40356"

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jun 3 04:44:40 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9f327283 by Salvatore Bonaccorso at 2026-06-03T05:44:19+02:00
Revert "krb5: CVE-2026-40355 and CVE-2026-40356"

This reverts commit a122e94c58beb8be6e06d2665fd5bc2a13d18bb0.

This should go via the extended lists on the ELTS tracker.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24027,14 +24027,10 @@ CVE-2026-40967 (In Spring AI, various FilterExpressionConverter implementations
 	NOT-FOR-US: VMware
 CVE-2026-40356 (In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underf ...)
 	{DSA-6293-1 DLA-4603-1}
-        [buster] - krb5 <not-affected> (Vulnerable code not present)
-        [stretch] - krb5 <not-affected> (Vulnerable code not present)
 	- krb5 1.22.1-2.1 (bug #1135317)
 	NOTE: https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f
 CVE-2026-40355 (In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer de ...)
 	{DSA-6293-1 DLA-4603-1}
-        [buster] - krb5 <not-affected> (Vulnerable code not present)
-        [stretch] - krb5 <not-affected> (Vulnerable code not present)
 	- krb5 1.22.1-2.1 (bug #1135317)
 	NOTE: https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f
 CVE-2026-3087 (If `shutil.unpack_archive()` is given a ZIP archive with an absolute W ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f3272832e6133affe44421719c39664fb10d7f3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f3272832e6133affe44421719c39664fb10d7f3
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260603/b0683d5c/attachment.htm>

More information about the debian-security-tracker-commits mailing list