[Git][security-tracker-team/security-tracker][master] Add two new gzip issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jun 29 21:57:52 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cb86c059 by Salvatore Bonaccorso at 2026-06-29T22:57:31+02:00
Add two new gzip issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -129,9 +129,11 @@ CVE-2026-49049 (The Helix3 plugin for Joomla exposes an ajax handler task, that
CVE-2026-46406 (Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the ...)
NOT-FOR-US: Claude Code
CVE-2026-41992 (GNU gzip contains a global buffer overflow vulnerability in the LZH de ...)
- TODO: check
+ - gzip <unfixed>
+ NOTE: https://cgit.git.savannah.gnu.org/cgit/gzip.git/commit/?id=63dbf6b3b9e6e781df1a6a64e609b10e23969681
CVE-2026-41991 (GNU gzip contains a vulnerability in the gzexe utility related to inse ...)
- TODO: check
+ - gzip <unfixed>
+ NOTE: https://cgit.git.savannah.gnu.org/cgit/gzip.git/commit/?id=4e6f8b24ab823146ab8776f0b7fe486ab34d4269
CVE-2026-41052 (Improper privilege handling could be used by users withProject Owner r ...)
NOT-FOR-US: Rancher
CVE-2026-40524 (FrontAccounting before 2.4.20 contains a SQL injection vulnerability i ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb86c059de4108841ef50a803922a5880c950c22
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb86c059de4108841ef50a803922a5880c950c22
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260629/5091369a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list