[Git][security-tracker-team/security-tracker][master] trixie triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Jun 17 22:37:43 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
65b1176d by Moritz Muehlenhoff at 2026-06-17T23:37:12+02:00
trixie triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -2672,6 +2672,7 @@ CVE-2026-52717
NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/11801
NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/11820 (1.28.4)
NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/11822 (1.26 branch)
+ NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/b99a3d8d5c1c3f508f3eaa220a369175c614c7cd (1.26 branch)
NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/11819 (1.24 branch)
CVE-2026-53705 (A flaw was found in GStreamer's WavPack audio decoder in gst-plugins-g ...)
- gst-plugins-good1.0 1.28.4-1
@@ -2958,6 +2959,7 @@ CVE-2026-XXXX [RUSTSEC-2026-0176]
NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0176.html
CVE-2026-54421 (In OpenStack Ironic before 37.0.1, when applying a PATCH to update fie ...)
- ironic 1:35.0.1-6 (bug #1140012)
+ [trixie] - ironic <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/ironic/+bug/2155049
CVE-2026-54420 (LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM ...)
NOT-FOR-US: LiteSpeed cPanel plugin
@@ -10074,6 +10076,7 @@ CVE-2026-46741 (Etsy::StatsD versions through 1.002002 for Perl allow metric inj
NOT-FOR-US: Etsy::StatsD Perl module
CVE-2026-46739 (Net::Statsd versions before 0.13 for Perl allow metric injections. Th ...)
- libnet-statsd-perl 0.13-1 (bug #1139163)
+ [trixie] - libnet-statsd-perl <no-dsa> (Minor issue)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/40702251/
NOTE: https://github.com/cosimo/perl5-net-statsd/pull/10
NOTE: Fixed by: https://github.com/cosimo/perl5-net-statsd/commit/a10b10173d6751991b7ade14b86dd272439d2283 (0.13)
=====================================
data/dsa-needed.txt
=====================================
@@ -33,7 +33,7 @@ firebird3.0
--
firebird4.0
--
-gst-libav1.0
+gst-libav1.0 (jmm)
--
gst-plugins-bad1.0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65b1176d31fd59ca9fcf4adb425d102944146e0b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65b1176d31fd59ca9fcf4adb425d102944146e0b
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260617/e39b06ad/attachment.htm>
More information about the debian-security-tracker-commits
mailing list