[Git][security-tracker-team/security-tracker][master] Add Debian bug references for libde265 issues

Sat Jun 20 09:59:23 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
86a7950f by Salvatore Bonaccorso at 2026-06-20T10:58:53+02:00
Add Debian bug references for libde265 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -34,7 +34,7 @@ CVE-2026-50559 (Quarkus is a Java framework for building cloud-native applicatio
 CVE-2026-50519 (Initialization of a resource with an insecure default in GitHub Copilo ...)
 	NOT-FOR-US: Microsoft
 CVE-2026-49346 (libde265 is an open source implementation of the h.265 video codec. Pr ...)
-	- libde265 <unfixed>
+	- libde265 <unfixed> (bug #1140431)
 	NOTE: https://github.com/strukturag/libde265/security/advisories/GHSA-vv8h-932h-7r86
 	NOTE: Fixed by: https://github.com/strukturag/libde265/commit/8a1b5cf212f78e1c77cb46eb5d56e492a9336eb8 (v1.1.0)
 CVE-2026-49345 (Mercator is an open source web application that enables mapping of the ...)
@@ -50,11 +50,11 @@ CVE-2026-49340 (gonic is a music streaming server / free-software subsonic serve
 CVE-2026-49338 (gonic is a music streaming server / free-software subsonic server API  ...)
 	NOT-FOR-US: gonic music streaming server
 CVE-2026-49337 (libde265 is an open source implementation of the h.265 video codec. Pr ...)
-	- libde265 <unfixed>
+	- libde265 <unfixed> (bug #1140431)
 	NOTE: https://github.com/strukturag/libde265/security/advisories/GHSA-g5hj-rf9f-7vxm
 	NOTE: Fixed by: https://github.com/strukturag/libde265/commit/683cb9fa603e35840642f98765ab95cdb71cadf9 (v1.1.0)
 CVE-2026-49295 (libde265 is an open source implementation of the h.265 video codec. Pr ...)
-	- libde265 <unfixed>
+	- libde265 <unfixed> (bug #1140431)
 	NOTE: https://github.com/strukturag/libde265/security/advisories/GHSA-g2rg-wj66-w594
 	NOTE: Fixed by: https://github.com/strukturag/libde265/commit/691f3a3c55b3d32478c4a49895dee061a282652 (v1.1.0)
 CVE-2026-48794 (Authelia is an open-source authentication and authorization server pro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86a7950fcc19ff85b2c6ab5273c217e9a0f143aa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86a7950fcc19ff85b2c6ab5273c217e9a0f143aa
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260620/292b3c94/attachment-0001.htm>
