[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-russh issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jun 12 05:19:53 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
988ae517 by Salvatore Bonaccorso at 2026-06-12T06:18:54+02:00
Add Debian bug reference for rust-russh issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -153,13 +153,13 @@ CVE-2026-48547 (KanaDojo contains a command injection vulnerability that allows
CVE-2026-48546 (KanaDojo before 0.1.18 contains a sandbox escape vulnerability that al ...)
NOT-FOR-US: KanaDojo
CVE-2026-48110 (Russh is a Rust SSH client & server library. From version 0.34.0 to be ...)
- - rust-russh <unfixed>
+ - rust-russh <unfixed> (bug #1139726)
NOTE: https://github.com/Eugeny/russh/security/advisories/GHSA-4r3c-5hpg-58qr
CVE-2026-48108 (Russh is a Rust SSH client & server library. From version 0.34.0-beta. ...)
- - rust-russh <unfixed>
+ - rust-russh <unfixed> (bug #1139726)
NOTE: https://github.com/Eugeny/russh/security/advisories/GHSA-76r6-x97p-67vr
CVE-2026-48107 (Russh is a Rust SSH client & server library. From version 0.37.0 to be ...)
- - rust-russh <unfixed>
+ - rust-russh <unfixed> (bug #1139726)
NOTE: https://github.com/Eugeny/russh/security/advisories/GHSA-g9g7-5cgw-6v28
CVE-2026-48011 (Shopware is an open commerce platform. Prior to versions 6.6.10.18 and ...)
NOT-FOR-US: Shopware
@@ -206,12 +206,12 @@ CVE-2026-47162 (Vim is an open source, command line text editor. Prior to versio
CVE-2026-47157 (aiograpi is an asynchronous Instagram API for Python. aiograpi version ...)
NOT-FOR-US: aiograpi
CVE-2026-46705 (Russh is a Rust SSH client & server library. From version 0.34.0-beta. ...)
- - rust-russh <unfixed>
+ - rust-russh <unfixed> (bug #1139726)
NOTE: https://github.com/Eugeny/russh/security/advisories/GHSA-hpv4-5h6f-wqr3
CVE-2026-46703 (Boxlite is a sandbox service that allows users to create lightweight v ...)
NOT-FOR-US: Boxlite
CVE-2026-46702 (Russh is a Rust SSH client & server library. From version 0.34.0 to be ...)
- - rust-russh <unfixed>
+ - rust-russh <unfixed> (bug #1139726)
NOTE: https://github.com/Eugeny/russh/security/advisories/GHSA-wwx6-x28x-8259
CVE-2026-46698 (Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to v ...)
NOT-FOR-US: Fediverse Embeds
@@ -226,7 +226,7 @@ CVE-2026-46683 (Snappy is a PHP library allowing thumbnail, snapshot or PDF gene
CVE-2026-46679 (libp2p is a JavaScript Implementation of libp2p networking stack. Prio ...)
TODO: check
CVE-2026-46673 (Russh is a Rust SSH client & server library. Prior to version 0.60.3, ...)
- - rust-russh <unfixed>
+ - rust-russh <unfixed> (bug #1139726)
NOTE: https://github.com/Eugeny/russh/security/advisories/GHSA-g9f8-wqj9-fjw5
CVE-2026-46669 (OpenVM is a performant and modular zkVM framework built for customizat ...)
NOT-FOR-US: OpenVM
@@ -22656,7 +22656,7 @@ CVE-2026-42192 (Plunk is an open-source email platform built on top of AWS SES.
CVE-2026-42190 (RedwoodSDK is a server-first React framework. From version 1.0.0-beta. ...)
NOT-FOR-US: RedwoodSDK
CVE-2026-42189 (Russh is a Rust SSH client & server library. Prior to version 0.60.1, ...)
- - rust-russh <unfixed>
+ - rust-russh <unfixed> (bug #1139726)
NOTE: https://github.com/Eugeny/russh/security/advisories/GHSA-f5v4-2wr6-hqmg
NOTE: Fixed by: https://github.com/Eugeny/russh/commit/6c3c80a9b6d60763d6227d60fa8310e57172a4d1 (v0.60.1)
CVE-2026-42185 (People is an application to handle users and teams, and distribute per ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/988ae5178c03dfb98dbd2f1b187a13a8090917b8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/988ae5178c03dfb98dbd2f1b187a13a8090917b8
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260612/3800b371/attachment.htm>
More information about the debian-security-tracker-commits
mailing list