[Git][security-tracker-team/security-tracker][master] okular, mistral DSAs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jun 9 20:22:03 BST 2026



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c56959f2 by Moritz Mühlenhoff at 2026-06-09T21:21:31+02:00
okular, mistral DSAs

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -4834,22 +4834,32 @@ CVE-2026-8722 (Net::Async::Statsd::Client versions through 0.005 for Perl allow
 	NOT-FOR-US: Net::Async::Statsd::Client Perl module
 CVE-2026-XXXX [integer overflow in fax image allocation leads to undersized heap allocation]
 	- okular <unfixed> (bug #1139009)
+	[trixie] - okular 4:25.04.2-1+deb13u1
+	[bookworm] - okular 4:22.12.3-1+deb12u1
 	NOTE: https://kde.org/info/security/advisory-20260511-5.txt
 	NOTE: https://commits.kde.org/okular/49cccdec814b2ddb0a403b63994114f09b007a2c
 CVE-2026-XXXX [unsigned integer wrap-around in fax backend leads to heap out-of-bounds read and write]
 	- okular <unfixed> (bug #1139008)
+	[trixie] - okular 4:25.04.2-1+deb13u1
+	[bookworm] - okular 4:22.12.3-1+deb12u1
 	NOTE: https://kde.org/info/security/advisory-20260511-4.txt
 	NOTE: https://commits.kde.org/okular/e5f088674223019fafac26800a2ae0c0d6afc85b
 CVE-2026-XXXX [heap out-of-bounds read in fax backend Ghostscript header handling]
 	- okular <unfixed> (bug #1139007)
+	[trixie] - okular 4:25.04.2-1+deb13u1
+	[bookworm] - okular 4:22.12.3-1+deb12u1
 	NOTE: https://kde.org/info/security/advisory-20260511-3.txt
 	NOTE: https://commits.kde.org/okular/e5f088674223019fafac26800a2ae0c0d6afc85b
 CVE-2026-XXXX [heap out-of-bounds read in fax backend FAXMAGIC comparison]
 	- okular <unfixed> (bug #1139005)
+	[trixie] - okular 4:25.04.2-1+deb13u1
+	[bookworm] - okular 4:22.12.3-1+deb12u1
 	NOTE: https://kde.org/info/security/advisory-20260511-2.txt
 	NOTE: https://commits.kde.org/okular/e5f088674223019fafac26800a2ae0c0d6afc85b
 CVE-2026-XXXX [heap out-of-bounds write in fax backend on zero-length input]
 	- okular <unfixed> (bug #1139004)
+	[trixie] - okular 4:25.04.2-1+deb13u1
+	[bookworm] - okular 4:22.12.3-1+deb12u1
 	NOTE: https://kde.org/info/security/advisory-20260511-1.txt
 	NOTE: https://commits.kde.org/okular/466786c354d890e39a3871f80ed686958d2513a2
 CVE-2026-49941 (Net::CIDR::Set versions through 0.20 for Perl did not validate IP addr ...)
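
Review bot: all five okular entries keep "- okular <unfixed>" for unstable while gaining fixed versions for trixie and bookworm, so after this change the tracker reports sid as still vulnerable with both stable releases fixed. If an unstable upload carrying the upstream commits cited in the NOTE lines already exists, record its version on the "- okular" line; if not, leaving it "<unfixed>" with the bug reference is correct.
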
@@ -5106,6 +5116,8 @@ CVE-2026-3276 (unicodedata.normalize() can take excessive CPU time when processi
 	NOTE: https://github.com/python/cpython/commit/ba785b88add96acbf403d65cb157fb2743a33a32 (3.13 branch)
 CVE-2026-XXXX [Mistral workflow execution context exposes Keystone auth token]
 	- mistral <unfixed> (bug #1138849)
+	[trixie] - mistral 20.0.0-2+deb13u1
+	[bookworm] - mistral <ignored> (Too intrusive to backport, also skipped for upstream branches before 20)
 	NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0098
 	NOTE: https://launchpad.net/bugs/2146554
 CVE-2026-44393 (An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3 ...)
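
Review bot: the added "[bookworm] - mistral <ignored>" line conflicts on its face with the DSA-6333-1 entry added to data/DSA/list in this same commit, which lists "[bookworm] - mistral 15.0.0-1+deb12u1". If the bookworm upload fixes a different issue than this Keystone token exposure, say so in the reason text next to "Too intrusive to backport"; if it is the same issue, one of the two lines is wrong.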


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,10 @@
+[09 Jun 2026] DSA-6333-1 mistral - security update
+	{CVE-2026-41283}
+	[bookworm] - mistral 15.0.0-1+deb12u1
+	[trixie] - mistral 20.0.0-2+deb13u1
+[09 Jun 2026] DSA-6332-1 okular - security update
+	[bookworm] - okular 4:22.12.3-1+deb12u1
+	[trixie] - okular 4:25.04.2-1+deb13u1
 [08 Jun 2026] DSA-6331-1 keystone - security update
 	{CVE-2026-42998 CVE-2026-42999 CVE-2026-43000 CVE-2026-43001 CVE-2026-44394}
 	[bookworm] - keystone 2:22.0.2-0+deb12u3
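
Review bot: DSA-6333-1 cites {CVE-2026-41283}, but the only mistral entry this commit touches in data/CVE/list is a CVE-2026-XXXX placeholder, so nothing in the visible lines ties the DSA to that entry; confirm the two are distinct issues or fold the placeholder into the assigned ID. DSA-6332-1 has no {...} CVE line at all, so its link to the five okular placeholder entries rests only on the hand-added per-release lines and will need the CVE list added once IDs are assigned.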


=====================================
data/dsa-needed.txt
=====================================
@@ -76,8 +76,6 @@ netty
 --
 nss/oldstable
 --
-okular (jmm)
---
 opennds/oldstable
   pinged maintainer, but no reply yet. should most probably be bumped to 10.x
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c56959f270a1088fa7100d524e3ee09d31c2da2a
