[Git][security-tracker-team/security-tracker][master] Track fixes for dhcpcd via unstable upload

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jun 26 19:49:19 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ad7b5e63 by Salvatore Bonaccorso at 2026-06-26T20:48:14+02:00
Track fixes for dhcpcd via unstable upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3664,21 +3664,21 @@ CVE-2026-56225 (Capgo before 12.128.2 contains an authorization bypass vulnerabi
 CVE-2026-56222 (Capgo before 12.128.2 contains an authorization bypass vulnerability i ...)
 	NOT-FOR-US: Cap-go
 CVE-2026-56117 (dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-af ...)
-	- dhcpcd <unfixed> (bug #1140767)
+	- dhcpcd 1:10.3.2-4 (bug #1140767)
 	[trixie] - dhcpcd <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/NetworkConfiguration/dhcpcd/commit/78ea09ed1633a583dbcde6e7bab9df4639ec8a34
 CVE-2026-56116 (dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak ...)
-	- dhcpcd <unfixed> (bug #1140767)
+	- dhcpcd 1:10.3.2-4 (bug #1140767)
 	[trixie] - dhcpcd <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/NetworkConfiguration/dhcpcd/commit/708b4a56bae080a5b18c2e0c4c6fbe103131a2b0
 CVE-2026-56115 (Bootimus through 0.1.70 contains a broken access control vulnerability ...)
 	NOT-FOR-US: Bootimus
 CVE-2026-56114 (dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte st ...)
-	- dhcpcd <unfixed> (bug #1140767)
+	- dhcpcd 1:10.3.2-4 (bug #1140767)
 	[trixie] - dhcpcd <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/NetworkConfiguration/dhcpcd/commit/2f00c7bfc408b6582d331932dfa47829c4819029
 CVE-2026-56113 (dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-af ...)
-	- dhcpcd <unfixed> (bug #1140767)
+	- dhcpcd 1:10.3.2-4 (bug #1140767)
 	[trixie] - dhcpcd <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/NetworkConfiguration/dhcpcd/commit/5733d3c59a5651f64357ac11c98b4f39895c8d25
 CVE-2026-55736 (Improperly Controlled Modification of Dynamically-Determined Object At ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad7b5e63e92e8967102d108adcde93a2fbc42b0d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad7b5e63e92e8967102d108adcde93a2fbc42b0d
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260626/7dd38302/attachment.htm>


More information about the debian-security-tracker-commits mailing list