[Git][security-tracker-team/security-tracker][master] CVE-2026-26740/giflib - add upstream patch reference.

Tobias Frost (@tobi) tobi at debian.org
Tue Jun 23 19:27:11 BST 2026



Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker


Commits:
842b480d by Tobias Frost at 2026-06-23T20:26:57+02:00
CVE-2026-26740/giflib - add upstream patch reference.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -60386,6 +60386,7 @@ CVE-2026-26740 (Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote
 	NOTE: https://sourceforge.net/p/giflib/bugs/199/
 	NOTE: https://sourceforge.net/p/giflib/bugs/201/
 	NOTE: Patch applied in Debian: https://sourceforge.net/p/giflib/bugs/201/attachment/0001-Fix-heap-buffer-overflow-in-EGifGCBToSavedExtension.patch
+	NOTE: Upstream commit: https://sourceforge.net/p/giflib/code/ci/061605081115bbfd7019bafc119a13b6f17fcf25
 CVE-2026-25449 (Deserialization of Untrusted Data vulnerability in shinetheme Traveler ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24063 (When a plugin is installed using the Arturia Software Center (MacOS),  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/842b480d5e1a7402e1260a8e1984ddb6c5a8ed1c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/842b480d5e1a7402e1260a8e1984ddb6c5a8ed1c
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260623/afa13319/attachment.htm>


More information about the debian-security-tracker-commits mailing list