[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-49014/gdal
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jun 5 19:52:46 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
29f9b7f3 by Salvatore Bonaccorso at 2026-06-05T20:50:43+02:00
Update status for CVE-2026-49014/gdal
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7574,12 +7574,13 @@ CVE-2026-49017 (In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware en
NOTE: https://www.openwall.com/lists/oss-security/2026/05/27/9
NOTE: https://bugs.launchpad.net/swift/+bug/2152205
CVE-2026-49014 (In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF ...)
- - gdal <unfixed>
+ - gdal 3.13.1+dfsg-1
[trixie] - gdal <no-dsa> (Minor issue)
[bookworm] - gdal <no-dsa> (Minor issue)
NOTE: https://github.com/OSGeo/gdal/issues/14594
NOTE: https://github.com/OSGeo/gdal/pull/14598
- NOTE: https://github.com/OSGeo/gdal/commit/c49254dc6380af2f02ff43ca79e3cf7c1bc82f01
+ NOTE: Fixed by: https://github.com/OSGeo/gdal/commit/c49254dc6380af2f02ff43ca79e3cf7c1bc82f01
+ NOTE: Fixed by: https://github.com/OSGeo/gdal/commit/50eea7456d83c9586f112ef96b43249372839dea (v3.13.1RC1)
CVE-2026-49000 (An insecure password scheme refers to vulnerabilities arising from imp ...)
NOT-FOR-US: ZTE
CVE-2026-48999 (Attackers carefully craft malicious scripts, such as JavaScript, and i ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29f9b7f3ac802b40407ba3cdfeaa045223dbdc39
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29f9b7f3ac802b40407ba3cdfeaa045223dbdc39
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260605/428347df/attachment.htm>
More information about the debian-security-tracker-commits
mailing list