[Git][security-tracker-team/security-tracker][master] CVE-2026-45446/openssl: bullseye not-affected

[Arnaud Rebillout (@arnaudr)]

Arnaud Rebillout pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7c39cad7 by Arnaud Rebillout at 2026-06-11T14:02:27+07:00
CVE-2026-45446/openssl: bullseye not-affected

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1633,8 +1633,10 @@ CVE-2016-20062 (Simply Poll 1.4.1 plugin for WordPress contains an SQL injection
 CVE-2026-45446 (Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-S ...)
 	{DSA-6335-1}
 	- openssl <unfixed> (bug #1139674)
+	[bullseye] - openssl <not-affected> (Vulnerable code not present)
 	NOTE: https://openssl-library.org/news/secadv/20260609.txt
 	NOTE: Fixed by: https://github.com/openssl/openssl/commit/71e2a5d263518cf5866043bd60ee4994d59e53a3 (openssl-3.0.21)
+	NOTE: AES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since OpenSSL 3.2.
 CVE-2026-42771 (Issue summary: When the X509_VERIFY_PARAM_set1_email is called by an a ...)
 	- openssl <not-affected> (Vulnerable code not present)
 	NOTE: https://openssl-library.org/news/secadv/20260609.txt



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c39cad790b10bf7f6fe0bc35c299c1b3bada242

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c39cad790b10bf7f6fe0bc35c299c1b3bada242
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260611/64bd8514/attachment-0001.htm>