[Git][security-tracker-team/security-tracker][master] 2 commits: Mark libnet-cidr-lite-perl issues as no-dsa

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jun 27 11:16:53 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b69c5981 by Salvatore Bonaccorso at 2026-06-27T12:16:03+02:00
Mark libnet-cidr-lite-perl issues as no-dsa

- - - - -
98655f9d by Salvatore Bonaccorso at 2026-06-27T12:16:31+02:00
Track {bookworm,trixie}-pu updates for libnet-cidr-lite-perl

- - - - -


3 changed files:

- data/CVE/list
- data/next-oldstable-point-update.txt
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -33164,12 +33164,16 @@ CVE-2026-45192 (A bug in the GET `/api/v2/connections/{connection_id}` REST API
 	- airflow <itp> (bug #819700)
 CVE-2026-45191 (Net::CIDR::Lite versions before 0.24 for Perl does not properly consid ...)
 	- libnet-cidr-lite-perl 0.24-1
+	[trixie] - libnet-cidr-lite-perl <no-dsa> (Minor issue; will be fixed via point release)
+	[bookworm] - libnet-cidr-lite-perl <no-dsa> (Minor issue; will be fixed via point release)
 	[bullseye] - libnet-cidr-lite-perl <postponed> (Minor issue, validation)
 	NOTE: https://github.com/stigtsp/Net-CIDR-Lite/commit/24e2c439ec405e5256024b9acefd4f7008c5ed0c (0.24)
 	NOTE: https://www.openwall.com/lists/oss-security/2026/05/10/7
 	NOTE: https://lists.security.metacpan.org/cve-announce/msg/39920370/
 CVE-2026-45190 (Net::CIDR::Lite versions before 0.24 for Perl does not properly valida ...)
 	- libnet-cidr-lite-perl 0.24-1
+	[trixie] - libnet-cidr-lite-perl <no-dsa> (Minor issue; will be fixed via point release)
+	[bookworm] - libnet-cidr-lite-perl <no-dsa> (Minor issue; will be fixed via point release)
 	[bullseye] - libnet-cidr-lite-perl <postponed> (Minor issue, validation)
 	NOTE: https://github.com/stigtsp/Net-CIDR-Lite/commit/ca9542adec87110556601d7ce48381ea8d13e692 (0.24)
 	NOTE: https://www.openwall.com/lists/oss-security/2026/05/10/6


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -198,3 +198,7 @@ CVE-2026-29786
 	[bookworm] - node-tar 6.1.13+~cs7.0.5-1+deb12u1
 CVE-2026-11625
 	[bookworm] - libbytes-random-secure-perl 0.29-4~deb13u1~deb12u1
+CVE-2026-45190
+	[bookworm] - libnet-cidr-lite-perl 0.22-3~deb12u2
+CVE-2026-45191
+	[bookworm] - libnet-cidr-lite-perl 0.22-3~deb12u2


=====================================
data/next-point-update.txt
=====================================
@@ -418,3 +418,7 @@ CVE-2026-11625
 	[trixie] - libbytes-random-secure-perl 0.29-4~deb13u1
 CVE-2026-9539
 	[trixie] - libslirp 4.8.0-1+deb13u1
+CVE-2026-45190
+	[trixie] - libnet-cidr-lite-perl 0.22-3~deb13u2
+CVE-2026-45191
+	[trixie] - libnet-cidr-lite-perl 0.22-3~deb13u2



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8abd252d888ad07c90d0b7d97a0384def2090078...98655f9dc7298ca903d492c4baa84c6b94ccff50

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8abd252d888ad07c90d0b7d97a0384def2090078...98655f9dc7298ca903d492c4baa84c6b94ccff50
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260627/0b624337/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list