[Git][security-tracker-team/security-tracker][master] Add more rust-russh issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 11 22:12:29 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
99cb9408 by Salvatore Bonaccorso at 2026-06-11T23:12:11+02:00
Add more rust-russh issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -206,11 +206,13 @@ CVE-2026-47162 (Vim is an open source, command line text editor. Prior to versio
 CVE-2026-47157 (aiograpi is an asynchronous Instagram API for Python. aiograpi version ...)
 	NOT-FOR-US: aiograpi
 CVE-2026-46705 (Russh is a Rust SSH client & server library. From version 0.34.0-beta. ...)
-	TODO: check
+	- rust-russh <unfixed>
+	NOTE: https://github.com/Eugeny/russh/security/advisories/GHSA-hpv4-5h6f-wqr3
 CVE-2026-46703 (Boxlite is a sandbox service that allows users to create lightweight v ...)
 	NOT-FOR-US: Boxlite
 CVE-2026-46702 (Russh is a Rust SSH client & server library. From version 0.34.0 to be ...)
-	TODO: check
+	- rust-russh <unfixed>
+	NOTE: https://github.com/Eugeny/russh/security/advisories/GHSA-wwx6-x28x-8259
 CVE-2026-46698 (Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to v ...)
 	NOT-FOR-US: Fediverse Embeds
 CVE-2026-46697 (Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to v ...)
@@ -224,7 +226,8 @@ CVE-2026-46683 (Snappy is a PHP library allowing thumbnail, snapshot or PDF gene
 CVE-2026-46679 (libp2p is a JavaScript Implementation of libp2p networking stack. Prio ...)
 	TODO: check
 CVE-2026-46673 (Russh is a Rust SSH client & server library. Prior to version 0.60.3,  ...)
-	TODO: check
+	- rust-russh <unfixed>
+	NOTE: https://github.com/Eugeny/russh/security/advisories/GHSA-g9f8-wqj9-fjw5
 CVE-2026-46669 (OpenVM is a performant and modular zkVM framework built for customizat ...)
 	NOT-FOR-US: OpenVM
 CVE-2026-46668 (SpiceDB is an open source database system for creating and managing se ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99cb9408bff9437812a65ac786272facc0c009cf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99cb9408bff9437812a65ac786272facc0c009cf
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260611/0c1138e6/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list