[Git][security-tracker-team/security-tracker][master] CVE-2026-34182/openssl: bullseye not-affected

[Arnaud Rebillout (@arnaudr)]

Arnaud Rebillout pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5852ce8a by Arnaud Rebillout at 2026-06-11T11:44:13+07:00
CVE-2026-34182/openssl: bullseye not-affected

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1710,9 +1710,11 @@ CVE-2026-34183 (Issue summary: Remote peer may exhaust heap memory of the QUIC s
 CVE-2026-34182 (Issue Summary: Cryptographic Message Services (CMS) processing fails t ...)
 	{DSA-6335-1}
 	- openssl <unfixed>
+	[bullseye] - openssl <not-affected> (Vulnerable code introduced later)
 	NOTE: https://openssl-library.org/news/secadv/20260609.txt
 	NOTE: Fixed by: https://github.com/openssl/openssl/commit/03c1f4d45fb963aee7d5833390c507cd290182bc (openssl-3.0.21)
 	NOTE: Fixed by: https://github.com/openssl/openssl/commit/f48adad79a21fed9bfc31ea3ef65bee810e12ddd (openssl-3.0.21)
+	NOTE: Introduced with: https://github.com/openssl/openssl/commit/924663c36d47066d5307937da77fed7e872730c7
 CVE-2026-45447 (Issue summary: A specially crafted PKCS#7 or S/MIME signed message cou ...)
 	{DSA-6335-1}
 	- openssl <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5852ce8acc9e00d217076ea3a42cc5d663e07888

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5852ce8acc9e00d217076ea3a42cc5d663e07888
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260611/32b9bb10/attachment.htm>