[Git][security-tracker-team/security-tracker][master] 2 commits: Claim libssh2 in dla-needed.txt
Emmanuel Arias (@eamanu)
eamanu at debian.org
Mon Jun 29 21:42:00 BST 2026
Emmanuel Arias pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cf0b0849 by Emmanuel Arias at 2026-06-29T17:41:07-03:00
Claim libssh2 in dla-needed.txt
- - - - -
e9baa3f9 by Emmanuel Arias at 2026-06-29T17:41:08-03:00
data/CVE/list: Add commit link for bind9
Add commit link for CVE-2026-3592, CVE-2026-3039, CVE-2026-5946, CVE-2026-5950
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -28054,18 +28054,22 @@ CVE-2026-3592 (BIND resolvers are vulnerable to an amplified resource consumptio
{DSA-6285-1}
- bind9 1:9.20.23-1
NOTE: https://kb.isc.org/docs/cve-2026-3592
+ NOTE: https://gitlab.isc.org/isc-projects/bind9/-/commit/42fb4c1b7d7381ec8019f9f668d8ee2157b408a3
CVE-2026-3039 (BIND servers that are configured to use TKEY-based authentication via ...)
{DSA-6285-1}
- bind9 1:9.20.23-1
NOTE: https://kb.isc.org/docs/cve-2026-3039
+ NOTE: https://gitlab.isc.org/isc-projects/bind9/-/commit/7f04d7104304fdc6b858c41bb44ad151b2c3e1b7
CVE-2026-5946 (Multiple flaws have been identified in `named` related to the handling ...)
{DSA-6285-1}
- bind9 1:9.20.23-1
NOTE: https://kb.isc.org/docs/cve-2026-5946
+ NOTE: https://gitlab.isc.org/isc-projects/bind9/-/commit/ec2c98181115bd5f6c7087fcc74d816490d4312e
CVE-2026-5950 (An unbounded resend loop vulnerability exists in the BIND 9 resolver s ...)
{DSA-6285-1}
- bind9 1:9.20.23-1
NOTE: https://kb.isc.org/docs/cve-2026-5950
+ NOTE: https://gitlab.isc.org/isc-projects/bind9/-/commit/379ca10cf34759d0c007cebcd9280911161bca1a
CVE-2026-5947 (Undefined behavior may result due to a race condition leading to a use ...)
- bind9 1:9.20.23-1
[trixie] - bind9 1:9.20.23-1~deb13u1
=====================================
data/dla-needed.txt
=====================================
@@ -371,7 +371,7 @@ libsoup2.4/bullseye
NOTE: 20251209: possibly also look into wip by spwitton, thus unclaiming
NOTE: 20251209: rather than removing this entry. (ah)
--
-libssh2
+libssh2 (eamanu)
NOTE: 20260625: Added by Front-Desk (lamby)
--
libstb/bullseye
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9e2d22213cbbf98118307b2610fa40a868a173e2...e9baa3f95539685d5ccae0c522107f1d6e4b1f3a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9e2d22213cbbf98118307b2610fa40a868a173e2...e9baa3f95539685d5ccae0c522107f1d6e4b1f3a
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260629/2ba2a5b9/attachment.htm>
More information about the debian-security-tracker-commits
mailing list