[Git][security-tracker-team/security-tracker][master] Add Debian bug references for docker.io issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Jun 14 07:17:08 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e8289697 by Salvatore Bonaccorso at 2026-06-14T08:16:43+02:00
Add Debian bug references for docker.io issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -583,13 +583,13 @@ CVE-2026-42947 (A flaw in Naxclow's platform\u2019s onboarding workflow allows a
CVE-2026-42932 (Naxclow device identifiers use fixed manufacturing prefixes combined w ...)
NOT-FOR-US: Naxclow
CVE-2026-42306 (Moby is an open source container framework. In Docker Engine prior to ...)
- - docker.io <unfixed>
+ - docker.io <unfixed> (bug #1139967)
NOTE: https://github.com/moby/moby/security/advisories/GHSA-rg2x-37c3-w2rh
NOTE: Fixed by: https://github.com/moby/moby/commit/43fa458a9c40873867e75221454de10709b04236 (docker-v29.5.1)
CVE-2026-41581 (Frappe is a full-stack web application framework. Prior to versions 15 ...)
NOT-FOR-US: Frappe
CVE-2026-41568 (Moby is an open source container framework. In Docker Engine prior to ...)
- - docker.io <unfixed>
+ - docker.io <unfixed> (bug #1139966)
NOTE: https://github.com/moby/moby/security/advisories/GHSA-vp62-88p7-qqf5
NOTE: Fixed by: https://github.com/moby/moby/commit/64a22d80b93ddc1416b501b5145df02947312249 (docker-v29.5.1)
CVE-2026-40677 (The use of insecure HTTP transport within AMD optional tools could all ...)
@@ -4755,7 +4755,7 @@ CVE-2026-45290 (Cloudburst Network provides network components used within Cloud
CVE-2026-42824 (Improper neutralization of special elements used in a command ('comman ...)
NOT-FOR-US: Microsoft
CVE-2026-41567 (Moby is an open source container framework. In versions prior to 29.5. ...)
- - docker.io <unfixed>
+ - docker.io <unfixed> (bug #1139965)
NOTE: https://github.com/moby/moby/security/advisories/GHSA-x86f-5xw2-fm2r
NOTE: Fixed by: https://github.com/moby/moby/commit/2022313ffe5a8c04890b5295bc52670ee6df8070 (docker-v29.5.1)
CVE-2026-41522 (Iris is a web collaborative platform that helps incident responders sh ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8289697b9efda9733d196fcedc888392cf674cd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8289697b9efda9733d196fcedc888392cf674cd
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260614/85072421/attachment.htm>
More information about the debian-security-tracker-commits
mailing list