[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2026-48988
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Jun 28 19:38:13 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4027028c by Salvatore Bonaccorso at 2026-06-28T20:37:39+02:00
Track fixed version via unstable for CVE-2026-48988
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6858,7 +6858,7 @@ CVE-2026-48990 (joserfc is a Python library that provides an implementation of s
CVE-2026-48989 (Windows-MCP is an open-source project that integrates AI agents with W ...)
NOT-FOR-US: Windows-MCP
CVE-2026-48988 (markdown-it is a Markdown parser. Versions 14.1.1 and below contain a ...)
- - node-markdown-it <unfixed> (bug #1140349)
+ - node-markdown-it 22.2.3+dfsg+~12.2.3-5 (bug #1140349)
[trixie] - node-markdown-it <no-dsa> (Minor issue)
NOTE: https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6v5v-wf23-fmfq
NOTE: https://github.com/markdown-it/markdown-it/commit/9ce2087562c45d1e5ddd9f76b990f4b3fbe040e5 (14.2.0)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4027028cefe4b40520574cdf93eb880799e8750b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4027028cefe4b40520574cdf93eb880799e8750b
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260628/b4dd2a71/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list