[Git][security-tracker-team/security-tracker][master] Add two dnsmasq issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 24 09:39:44 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5ce38506 by Salvatore Bonaccorso at 2026-06-24T10:39:22+02:00
Add two dnsmasq issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -688,7 +688,9 @@ CVE-2026-27604 (FOSSBilling is a free, open-source billing and client management
CVE-2026-13007 (Tenable Identity Exposure contains multiple unauthenticated API endpoi ...)
TODO: check
CVE-2026-12969 (An out-of-bounds read vulnerability exists in dnsmasq's find_soa() fun ...)
- TODO: check
+ - dnsmasq 2.93-1
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2491663
+ NOTE: Fixed by: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=14094e88beca519c53151184cc4553656672b54f (v2.93rc1)
CVE-2026-12958 (Missing symlink validation in Language Servers for AWS may allow an ar ...)
NOT-FOR-US: Amazon
CVE-2026-12957 (Improper trust boundary enforcement in Language Servers for AWS before ...)
@@ -1265,7 +1267,9 @@ CVE-2026-12863 (An unvalidated redirect was contained in Venueless' social login
CVE-2026-12862 (Untrusted user data was passed verbatim to Excel exports for administr ...)
NOT-FOR-US: rami.io products
CVE-2026-12725 (A heap-based buffer overflow was found in dnsmasq. When DNSSEC validat ...)
- TODO: check
+ - dnsmasq 2.93-1
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2490763
+ NOTE: Fixed by: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=36d081e37477027fd721fea498f3760f529034ad (v2.93test10)
CVE-2026-12628 (IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Pro ...)
NOT-FOR-US: IBM
CVE-2026-12602 (Incorrect default permissions in ArubaSign, affecting versions prior t ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ce38506f45d9f6e9c2f164bb90029b0b5dd1eb7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ce38506f45d9f6e9c2f164bb90029b0b5dd1eb7
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260624/86dbf1bd/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list