[Git][security-tracker-team/security-tracker][master] CVE-2026-55748/horizon

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jun 17 19:42:48 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e45780bd by Salvatore Bonaccorso at 2026-06-17T20:42:12+02:00
CVE-2026-55748/horizon

- - - - -


3 changed files:

- data/CVE/list
- data/next-oldstable-point-update.txt
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -9785,7 +9785,7 @@ CVE-2026-44393 (An issue was discovered in OpenStack oslo.messaging 1.0.0 throug
 	[bookworm] - python-oslo.messaging 14.0.3-0+deb12u1
 	NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0096
 	NOTE: https://launchpad.net/bugs/2150316
-CVE-2026-XXXX [Horizon RC file generation does not escape special characters in project]
+CVE-2026-55748 [Horizon RC file generation does not escape special characters in project]
 	- horizon 3:25.7.3-2 (bug #1138845)
 	[trixie] - horizon <no-dsa> (Minor issue)
 	[bookworm] - horizon <no-dsa> (Minor issue)


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -124,7 +124,7 @@ CVE-2026-48998
 	[bookworm] - php-guzzlehttp-psr7 2.4.5-1+deb12u1
 CVE-2026-28370
 	[bookworm] - vitrage 9.0.0-3+deb12u1
-CVE-2026-XXXX [Horizon RC file generation does not escape special characters in project]
+CVE-2026-55748
 	[bookworm] - horizon 3:23.0.0-5+deb12u2
 CVE-2026-29167
 	[bookworm] - apache2 2.4.68-1~deb12u1


=====================================
data/next-point-update.txt
=====================================
@@ -244,7 +244,7 @@ CVE-2026-40915
 	[trixie] - gimp 3.0.4-3+deb13u9
 CVE-2026-28370
 	[trixie] - vitrage 14.0.0-4+deb13u1
-CVE-2026-XXXX [Horizon RC file generation does not escape special characters in project]
+CVE-2026-55748
 	[trixie] - horizon 3:25.3.0-3+deb13u1
 CVE-2025-55174
 	[trixie] - skanpage 25.04.2-1+deb13u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e45780bd91cf86130d054a33390f10b63f133949

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e45780bd91cf86130d054a33390f10b63f133949
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260617/cdb404c1/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list