[Git][security-tracker-team/security-tracker][master] Triage CVE-2026-45300 in async-http-client for LTS.

Chris Lamb (@lamby) lamby at debian.org
Mon Jun 29 21:04:24 BST 2026



Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9e5d1ec2 by Chris Lamb at 2026-06-29T13:04:18-07:00
Triage CVE-2026-45300 in async-http-client for LTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15249,6 +15249,8 @@ CVE-2026-45409 (Internationalized Domain Names in Applications (IDNA) for Python
 	NOTE: Fixed by: https://github.com/kjd/idna/commit/e1cb465b6376f33306a26f467d197edbcd01c4b9 (v3.15)
 CVE-2026-45300 (The AsyncHttpClient (AHC) library allows Java applications to easily e ...)
 	- async-http-client <unfixed> (bug #1139165)
+	[bookworm] - async-http-client <not-affected> (Vulnerable code not present)
+	[bullseye] - async-http-client <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/AsyncHttpClient/async-http-client/security/advisories/GHSA-fmxf-pm6p-7xgm
 	NOTE: Fixed by: https://github.com/AsyncHttpClient/async-http-client/commit/3b0e3e9e889f950c94665c7b72e1af94f922bfe2 (async-http-client-project-3.0.10)
 	NOTE: Fixed by: https://github.com/AsyncHttpClient/async-http-client/commit/5eed33962a412a0100f8117dca849930652bfe30 (async-http-client-project-2.15.0)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e5d1ec2099a997ac3557d5f261c6f3e34ce3037

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e5d1ec2099a997ac3557d5f261c6f3e34ce3037
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260629/72715d3f/attachment.htm>


More information about the debian-security-tracker-commits mailing list