[Git][security-tracker-team/security-tracker][master] CVE-2026-45767/openssl: bullseye not-affected

[Arnaud Rebillout (@arnaudr)]

Arnaud Rebillout pushed to branch master at Debian Security Tracker / security-tracker


Commits:
863e6036 by Arnaud Rebillout at 2026-06-11T15:28:02+07:00
CVE-2026-45767/openssl: bullseye not-affected

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1663,8 +1663,10 @@ CVE-2026-42767 (Issue summary: An attacker-controlled CMP (Certificate Managemen
 	- openssl <unfixed> (bug #1139674)
 	[trixie] - openssl 3.5.6-1~deb13u2
 	[bookworm] - openssl <no-dsa> (Minor issue; can be fixed in next update)
+	[bullseye] - openssl <not-affected> (Vulnerable code introduced later)
 	NOTE: https://openssl-library.org/news/secadv/20260609.txt
 	NOTE: Fixed by: https://github.com/openssl/openssl/commit/61a86a8cd73546c9fea916f3d304c1293e05c046 (openssl-3.0.21)
+	NOTE: Introduced with: https://github.com/openssl/openssl/commit/a61b7f2fa6de3bf8d5b1436e66c52d6bf7150ae4
 CVE-2026-42766 (Issue summary: A specially crafted password-encrypted CMS message can  ...)
 	{DSA-6335-1}
 	- openssl <unfixed> (bug #1139674)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/863e603643ecaf8dd892a7153001392d50971c75

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/863e603643ecaf8dd892a7153001392d50971c75
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260611/b8d45c1d/attachment.htm>