[Git][security-tracker-team/security-tracker][master] Unify notes for apache2 entries

Thu Jun 11 20:01:41 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
870957de by Salvatore Bonaccorso at 2026-06-11T21:01:13+02:00
Unify notes for apache2 entries

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2351,8 +2351,8 @@ CVE-2026-48913 (Use After Free vulnerability in Apache HTTP Server module mod_ht
 	[trixie] - apache2 <no-dsa> (Minor issue)
 	[bookworm] - apache2 <no-dsa> (Minor issue)
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-48913
-	NOTE: fixed by jumbo patch: https://github.com/apache/httpd/commit/dbf1cc4dd62b681a0066271720994a047a3329ca (2.4.68-rc1-candidate)
-	NOTE: fixed by: https://github.com/icing/mod_h2/commit/e6a28242f23084f6dbae32090121148e99fdda78
+	NOTE: Fixed by jumbo patch: https://github.com/apache/httpd/commit/dbf1cc4dd62b681a0066271720994a047a3329ca (2.4.68-rc1-candidate)
+	NOTE: Fixed by: https://github.com/icing/mod_h2/commit/e6a28242f23084f6dbae32090121148e99fdda78 (v2.0.42)
 	NOTE: Bug https://github.com/icing/mod_h2/issues/325
 CVE-2026-48507 (Snipe-IT is an IT asset/license management system. A vulnerability in  ...)
 	- snipe-it <itp> (bug #1005172)
@@ -2397,13 +2397,13 @@ CVE-2026-44631 (Buffer Underwrite vulnerability in Apache HTTP Server on crafted
 	[trixie] - apache2 <no-dsa> (Minor issue)
 	[bookworm] - apache2 <no-dsa> (Minor issue)
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-44631
-	NOTE: https://github.com/apache/httpd/commit/7d9f3cfb10b0fe70df7358d26d7b1f374ea1a0cb (2.4.68-rc1-candidate)
+	NOTE: Fixed by: https://github.com/apache/httpd/commit/7d9f3cfb10b0fe70df7358d26d7b1f374ea1a0cb (2.4.68-rc1-candidate)
 CVE-2026-44186 (Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability i ...)
 	- apache2 <unfixed> (bug #1139340)
 	[trixie] - apache2 <no-dsa> (Minor issue)
 	[bookworm] - apache2 <no-dsa> (Minor issue)
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-44186
-	NOTE: Fixed by https://github.com/apache/httpd/commit/414de374a06549b2c6710cbcff81c3821379f75c (2.4.68-rc1-candidate)
+	NOTE: Fixed by: https://github.com/apache/httpd/commit/414de374a06549b2c6710cbcff81c3821379f75c (2.4.68-rc1-candidate)
 CVE-2026-44185 (Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP ...)
 	- apache2 <unfixed> (bug #1139340)
 	[trixie] - apache2 <no-dsa> (Minor issue)
@@ -2448,8 +2448,8 @@ CVE-2026-42535 (A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier
 	[trixie] - apache2 <no-dsa> (Minor issue)
 	[bookworm] - apache2 <no-dsa> (Minor issue)
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-42535
-	NOTE: Fixed by: https://github.com/apache/httpd/commit/56bfb128432a38e2e6bc5448122914bb271b1252 (2.4.68-rc1-candidate)
 	NOTE: Fixed by: https://github.com/apache/httpd/commit/7e871beec56d41fe098f48f5a5bcb1525c448d77 (trunk)
+	NOTE: Fixed by: https://github.com/apache/httpd/commit/56bfb128432a38e2e6bc5448122914bb271b1252 (2.4.68-rc1-candidate)
 CVE-2026-41724 (VMware Cloud Foundation Operations contains multiple stored cross-site ...)
 	NOT-FOR-US: VMware
 CVE-2026-41723 (VMware Cloud Foundation Operations contains multiple stored cross-site ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/870957de78de3dafd15986032de3efdf92451fd7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/870957de78de3dafd15986032de3efdf92451fd7
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260611/f6707cc7/attachment.htm>
