[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jun 20 08:57:14 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a75279b7 by Salvatore Bonaccorso at 2026-06-20T09:56:22+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10,41 +10,41 @@ CVE-2026-9265 (Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a he
 	NOTE: https://github.com/dsully/perl-crypt-openssl-pkcs12/issues/55
 	NOTE: Fixed by: https://github.com/dsully/perl-crypt-openssl-pkcs12/commit/a7bd2f319fa8aab8177b3d767ea06dd85ceb3173 (v1.96)
 CVE-2026-56216 (Capgo before 12.128.2 contains a scope escalation vulnerability in the ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56215 (Capgo before 12.128.12 allows authenticated users to modify their muta ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56214 (Capgo before 12.128.2 contains an information disclosure vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56213 (Capgo before 12.128.2 contains an authorization bypass vulnerability i ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56212 (Capgo before 12.128.2 contains an authentication logic flaw: a user wi ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56082 (Capgo (Cap-go/capgo) before 12.128.2 contains an improper access contr ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56081 (Cap-go before 12.128.2 contains an authentication logic flaw that lets ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56080 (Capgo before 12.128.2 contains a flaw in the Enforce Password Policy f ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56079 (Capgo before 12.128.2 contains a cross-tenant authorization bypass vul ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-56073 (Cap-go before 12.128.2 contains an authentication bypass vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Cap-go
 CVE-2026-50559 (Quarkus is a Java framework for building cloud-native applications. Pr ...)
-	TODO: check
+	NOT-FOR-US: Quarkus
 CVE-2026-50519 (Initialization of a resource with an insecure default in GitHub Copilo ...)
 	NOT-FOR-US: Microsoft
 CVE-2026-49346 (libde265 is an open source implementation of the h.265 video codec. Pr ...)
 	TODO: check
 CVE-2026-49345 (Mercator is an open source web application that enables mapping of the ...)
-	TODO: check
+	NOT-FOR-US: Mercator
 CVE-2026-49344 (Mercator is an open source web application that enables mapping of the ...)
-	TODO: check
+	NOT-FOR-US: Mercator
 CVE-2026-49342 (YARD is a documentation generation tool for the Ruby programming langu ...)
 	TODO: check
 CVE-2026-49340 (gonic is a music streaming server / free-software subsonic server API  ...)
-	TODO: check
+	NOT-FOR-US: gonic music streaming server
 CVE-2026-49338 (gonic is a music streaming server / free-software subsonic server API  ...)
-	TODO: check
+	NOT-FOR-US: gonic music streaming server
 CVE-2026-49337 (libde265 is an open source implementation of the h.265 video codec. Pr ...)
 	TODO: check
 CVE-2026-49295 (libde265 is an open source implementation of the h.265 video codec. Pr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a75279b79deb7f26986b35ef9ca5eca0c9662d5b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a75279b79deb7f26986b35ef9ca5eca0c9662d5b
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260620/12fe0736/attachment.htm>


More information about the debian-security-tracker-commits mailing list