[Git][security-tracker-team/security-tracker][master] new python issue

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jun 30 09:14:54 BST 2026



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bf04e32f by Moritz Muehlenhoff at 2026-06-30T10:14:34+02:00
new python issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5251,7 +5251,18 @@ CVE-2026-12094 (The Advanced Contact Form 7 - Compact DB plugin for WordPress is
 CVE-2026-11997 (The Bulk SEO Image plugin for WordPress is vulnerable to Cross-Site Re ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-11972 (When using the "tarfile" module with a file opened in "streaming mode" ...)
-	TODO: check
+	- python3.14 <unfixed>
+	- python3.13 <unfixed>
+	[trixie] - python3.13 <no-dsa> (Minor issue)
+	- python3.11 <removed>
+	- python3.9 <removed>
+	- python2.7 <removed>
+	- pypy3 <unfixed>
+	[trixie] - pypy3 <no-dsa> (Minor issue)
+	NOTE: https://mail.python.org/archives/list/security-announce@python.org/thread/AXPSKKTSRKXTTJULW3XSIC74WZNAAPPB/
+	NOTE: https://github.com/python/cpython/issues/151981
+	NOTE: https://github.com/python/cpython/commit/e86666c9dd256d52d0fbef6feb1ea4a51768fdec (3.14)
+	NOTE: https://github.com/python/cpython/commit/3f031d431f80668e14f3bc066bbf4369cd9281b9 (3.13)
 CVE-2026-11820 (A flaw was found in the community.general Ansible collection's nexmo m ...)
 	NOT-FOR-US: Red Hat
 CVE-2026-11819 (Module: plugins/modules/keyring_info.py   CVSS 3.1: 5.5 MEDIUM \u2014  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf04e32f88affefede7f12fc3dbfc13cf709852d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf04e32f88affefede7f12fc3dbfc13cf709852d
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260630/88aa65a4/attachment.htm>


More information about the debian-security-tracker-commits mailing list