[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e738ed41 by Moritz Muehlenhoff at 2026-06-09T23:32:11+02:00
trixie/bookworm triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1585,7 +1585,9 @@ CVE-2026-11701 (Inappropriate implementation in Guest View in Google Chrome prio
 CVE-2026-9669 (bz2.BZ2Decompressor objects could be reused after a decompression erro ...)
 	- python3.14 <unfixed>
 	- python3.13 <unfixed>
+	[trixie] - python3.13 <no-dsa> (Minor issue, will be fixed via pu)
 	- python3.11 <removed>
+	[bookworm] - python3.11 <no-dsa> (Minor issue)
 	- python3.9 <removed>
 	NOTE: https://github.com/python/cpython/issues/150599
 	NOTE: https://github.com/python/cpython/pull/150600
@@ -2049,6 +2051,8 @@ CVE-2026-46276 (In the Linux kernel, the following vulnerability has been resolv
 	NOTE: https://git.kernel.org/linus/095a8b0ad3c3b5cdc3850d961adb8a8f735220bb (7.1-rc2)
 CVE-2020-37248 (OfflineIMAP before 8.0.3 trusts the server with their STARTTLS capabil ...)
 	- offlineimap3 <unfixed> (bug #1139329)
+	[trixie] - offlineimap3 <no-dsa> (Minor issue)
+	[bookworm] - offlineimap3 <no-dsa> (Minor issue)
 	NOTE: https://github.com/OfflineIMAP/offlineimap3/issues/222
 	NOTE: https://github.com/OfflineIMAP/offlineimap/issues/669
 	NOTE: Fixed by: https://github.com/OfflineIMAP/offlineimap3/commit/46505c53ef995455d66c685f9ec3ff6ea93dbb74 (v8.0.3)
@@ -5136,6 +5140,8 @@ CVE-2026-44393 (An issue was discovered in OpenStack oslo.messaging 1.0.0 throug
 	NOTE: https://launchpad.net/bugs/2150316
 CVE-2026-XXXX [Horizon RC file generation does not escape special characters in project]
 	- horizon <unfixed> (bug #1138845)
+	[trixie] - horizon <no-dsa> (Minor issue)
+	[bookworm] - horizon <no-dsa> (Minor issue)
 	NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0097
 	NOTE: https://launchpad.net/bugs/2152240
 CVE-2026-50266 (In OpenStack Neutron before 28.0.1, a project manager can create or up ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -74,6 +74,8 @@ mimetex/oldstable
 --
 netty
 --
+neutron/stable (jmm)
+--
 nss/oldstable
 --
 opennds/oldstable



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e738ed4142744a0bff52a97e4da0921ef8291a9c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e738ed4142744a0bff52a97e4da0921ef8291a9c
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260609/ac5e4096/attachment-0001.htm>