[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for two gitsign issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jun 8 04:45:25 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
97acc85d by Salvatore Bonaccorso at 2026-06-08T05:45:01+02:00
Track fixed version via unstable for two gitsign issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14259,12 +14259,12 @@ CVE-2026-44641 (Microsoft APM is an open-source, community-driven dependency man
CVE-2026-44366 (Vvveb is a powerful and easy to use CMS with page builder to build web ...)
NOT-FOR-US: Vvveb
CVE-2026-44310 (Gitsign is a keyless Sigstore to signing tool for Git commits with you ...)
- - gitsign <unfixed> (bug #1136789)
+ - gitsign 0.16.0-1 (bug #1136789)
[trixie] - gitsign <no-dsa> (Minor issue)
NOTE: https://github.com/sigstore/gitsign/security/advisories/GHSA-7c37-gx6w-8vc5
NOTE: Fixed by: https://github.com/sigstore/gitsign/commit/d7565c405e188d1ad41d85d5f46adaeec4b85941 (v0.15.0)
CVE-2026-44309 (Gitsign is a keyless Sigstore to signing tool for Git commits with you ...)
- - gitsign <unfixed> (bug #1136789)
+ - gitsign 0.16.0-1 (bug #1136789)
[trixie] - gitsign <no-dsa> (Minor issue)
NOTE: https://github.com/sigstore/gitsign/security/advisories/GHSA-7rmh-48mx-2vwc
NOTE: Fixed by: https://github.com/sigstore/gitsign/commit/3c84d87240644b5c62b3b3d79177ae64448591c8 (v0.16.0)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97acc85de5def311f37eff85bcd676d8bc37f8ce
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97acc85de5def311f37eff85bcd676d8bc37f8ce
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260608/c411157f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list