[Git][security-tracker-team/security-tracker][master] Bullseye triagging

[Bastien Roucariès (@rouca)]

Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6fda7508 by Bastien Roucariès at 2026-06-09T23:37:52+02:00
Bullseye triagging

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2225,6 +2225,7 @@ CVE-2026-49261
 CVE-2025-15646
 	- libhtml-gumbo-perl 0.18-5 (bug #1104789)
 	[bookworm] - libhtml-gumbo-perl <no-dsa> (Minor issue; to be fixed in point release)
+	[bullseye] - libhtml-gumbo-perl <postponed> (Minor issue)
 	NOTE: https://github.com/ruz/HTML-Gumbo/issues/6
 	NOTE: https://github.com/bestpractical/html-gumbo/commit/15c0598909d4a64f47ef0a1abc5051f4e113c186 (0.19)
 CVE-2026-11441 (A vulnerability was identified in theonedev onedev up to 15.0.5. This  ...)
@@ -4841,6 +4842,7 @@ CVE-2026-8829 (HTML::Entities versions before 3.84 for Perl read freed heap memo
 	- libhtml-parser-perl 3.83-2
 	[trixie] - libhtml-parser-perl <no-dsa> (Minor issue)
 	[bookworm] - libhtml-parser-perl <no-dsa> (Minor issue)
+	[bullseye] - libhtml-parser-perl <postponed> (Minor issue)
 	NOTE: https://lists.security.metacpan.org/cve-announce/msg/40702610/
 	NOTE: https://github.com/libwww-perl/HTML-Parser/pull/56
 	NOTE: Fixed by: https://github.com/libwww-perl/HTML-Parser/commit/6922552b0778c90a9587a3894e248be4d3a25e1c (3.84)
@@ -4880,18 +4882,21 @@ CVE-2026-49941 (Net::CIDR::Set versions through 0.20 for Perl did not validate I
 	- libnet-cidr-set-perl 0.21-1
 	[trixie] - libnet-cidr-set-perl <no-dsa> (Minor issue)
 	[bookworm] - libnet-cidr-set-perl <no-dsa> (Minor issue)
+	[bullseye] - libnet-cidr-set-perl <postponed> (Minor issue)
 	NOTE: https://lists.security.metacpan.org/cve-announce/msg/40702781/
 	NOTE: https://github.com/robrwo/perl-Net-CIDR-Set/commit/3a40b4c0d0e8ef996ccb7aee1d5f108187431c2b (0.21)
 CVE-2026-49942 (Net::CIDR::Set versions through 0.20 for Perl did not validate network ...)
 	- libnet-cidr-set-perl 0.21-1
 	[trixie] - libnet-cidr-set-perl <no-dsa> (Minor issue)
 	[bookworm] - libnet-cidr-set-perl <no-dsa> (Minor issue)
+	[bullseye] - libnet-cidr-set-perl <postponed> (Minor issue)
 	NOTE: https://lists.security.metacpan.org/cve-announce/msg/40702816/
 	NOTE: https://github.com/robrwo/perl-Net-CIDR-Set/commit/875010b4217afe9a61cee519f0e0250847ecf699 (0.21)
 CVE-2026-49940 (Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addr ...)
 	- libnet-cidr-set-perl 0.21-1
 	[trixie] - libnet-cidr-set-perl <no-dsa> (Minor issue)
 	[bookworm] - libnet-cidr-set-perl <no-dsa> (Minor issue)
+	[bullseye] - libnet-cidr-set-perl <postponed> (Minor issue)
 	NOTE: https://lists.security.metacpan.org/cve-announce/msg/40702749/
 	NOTE: https://github.com/robrwo/perl-Net-CIDR-Set/commit/875010b4217afe9a61cee519f0e0250847ecf699 (0.21)
 CVE-2026-8889 (Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 ha ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6fda75081aabce02e4373040b60d1c6d7540c751

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6fda75081aabce02e4373040b60d1c6d7540c751
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260609/6b4a649c/attachment.htm>