[Git][security-tracker-team/security-tracker][master] CVE-2026-26740/giflib - add upstream patch reference.
Tobias Frost (@tobi)
tobi at debian.org
Tue Jun 23 19:27:11 BST 2026
Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits:
842b480d by Tobias Frost at 2026-06-23T20:26:57+02:00
CVE-2026-26740/giflib - add upstream patch reference.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -60386,6 +60386,7 @@ CVE-2026-26740 (Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote
NOTE: https://sourceforge.net/p/giflib/bugs/199/
NOTE: https://sourceforge.net/p/giflib/bugs/201/
NOTE: Patch applied in Debian: https://sourceforge.net/p/giflib/bugs/201/attachment/0001-Fix-heap-buffer-overflow-in-EGifGCBToSavedExtension.patch
+ NOTE: Upstream commit: https://sourceforge.net/p/giflib/code/ci/061605081115bbfd7019bafc119a13b6f17fcf25
CVE-2026-25449 (Deserialization of Untrusted Data vulnerability in shinetheme Traveler ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-24063 (When a plugin is installed using the Arturia Software Center (MacOS), ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/842b480d5e1a7402e1260a8e1984ddb6c5a8ed1c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/842b480d5e1a7402e1260a8e1984ddb6c5a8ed1c
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260623/afa13319/attachment.htm>
More information about the debian-security-tracker-commits
mailing list