[Git][security-tracker-team/security-tracker][master] trixie triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Jun 14 16:58:09 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
000b8b9b by Moritz Muehlenhoff at 2026-06-14T17:35:57+02:00
trixie triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2016,6 +2016,7 @@ CVE-2026-11799 (UXSS in Focus for iOS / Klar Webkit navigation. This vulnerabili
 	NOT-FOR-US: Firefox Focus for iOS
 CVE-2026-10846 (NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in ...)
 	- ldns 1.9.2-1 (bug #1139627)
+	[trixie] - ldns <no-dsa> (Minor issue)
 	NOTE: https://www.nlnetlabs.nl/downloads/ldns/CVE-2026-10846.txt
 CVE-2026-10238
 	REJECTED
@@ -3272,6 +3273,7 @@ CVE-2026-49818 (The Apache Airflow Samba provider's `GCSToSambaOperator` joined
 	NOT-FOR-US: Airflow provider
 CVE-2009-10007 (Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is  ...)
 	- libcatalyst-plugin-authentication-perl <unfixed> (bug #1139461)
+	[trixie] - libcatalyst-plugin-authentication-perl <no-dsa> (Minor issue)
 	NOTE: https://lists.security.metacpan.org/cve-announce/msg/40832427/
 	NOTE: Fixed by: https://github.com/perl-catalyst/Catalyst-Plugin-Authentication/commit/b1385ea87a2491b64f33169222af19982d0acce3 (v0.10_027)
 CVE-2026-9662 (The Recover Exit For WooCommerce plugin for WordPress is vulnerable to ...)
@@ -6926,9 +6928,11 @@ CVE-2026-28318 (SolarWinds Serv-U is susceptible to specially crafted POST reque
 	NOT-FOR-US: SolarWinds
 CVE-2026-26825 (A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 whe ...)
 	- r-cran-readxl <unfixed> (bug #1139808)
+	[trixie] - r-cran-readxl <no-dsa> (Minor issue)
 	NOTE: https://github.com/libxls/libxls/issues/156
 CVE-2026-26824 (libxls through version 1.6.3 contains a use of uninitialized memory vu ...)
 	- r-cran-readxl <unfixed> (bug #1139808)
+	[trixie] - r-cran-readxl <no-dsa> (Minor issue)
 	NOTE: https://github.com/libxls/libxls/issues/155
 CVE-2026-25551 (Seagull Software BarTender 2021 R1 through 12.0.1contains an insecure  ...)
 	NOT-FOR-US: Seagull Software BarTender



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/000b8b9bbd1e3748ba8ae48e5e4eba2faad1ce01

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/000b8b9bbd1e3748ba8ae48e5e4eba2faad1ce01
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260614/256c4c55/attachment.htm>

More information about the debian-security-tracker-commits mailing list