[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Jun 15 22:17:57 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1085e4d0 by Moritz Muehlenhoff at 2026-06-15T23:17:46+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8986,9 +8986,8 @@ CVE-2026-44740 (Billy is an interface filesystem abstraction for Go. Prior to ve
 CVE-2026-44211 (Cline is an autonomous coding agent as an SDK, IDE extension, or CLI a ...)
 	NOT-FOR-US: Cline
 CVE-2026-43958 (A flaw was found in rrdcached, a component of rrdtool. A local attacke ...)
-	- rrdtool <unfixed>
+	- rrdtool <unfixed> (bug #1140106)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2460932
-	TODO: check upstream status
 CVE-2026-43625 (CodexBar prior to 0.32.0 contains a session cookie leakage vulnerabili ...)
 	NOT-FOR-US: CodexBar
 CVE-2026-43624 (F5-TTS through version 1.1.20 contains a path traversal vulnerability  ...)
@@ -16351,8 +16350,8 @@ CVE-2026-44618 (Insecure XML parser configuration in Apache CXF's WS-Transfer mo
 CVE-2026-44417 (The fix forCVE-2025-48913: Apache CXF: Untrusted JMS configuration can ...)
 	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-42627 (In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::G ...)
-	- armnn <unfixed>
-	TODO: check details
+	- armnn <unfixed> (bug #1140104; unimportant)
+	NOTE: Negligible security impact
 CVE-2026-42626 (HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly ma ...)
 	NOT-FOR-US: HP ENVY 5000 series printers
 CVE-2026-42506 (Parsing arbitrary HTML which is then rendered using Render can result  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1085e4d0a6e5655fb734e4e697895007e95a2d1b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1085e4d0a6e5655fb734e4e697895007e95a2d1b
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260615/b51a1175/attachment.htm>

More information about the debian-security-tracker-commits mailing list