[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23865/freetype

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f0aa79bf by Salvatore Bonaccorso at 2026-03-02T21:39:01+01:00
Add CVE-2026-23865/freetype

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -121,7 +121,8 @@ CVE-2026-24105 (An issue was discovered in goform/formsetUsbUnload in Tenda AC15
 CVE-2026-24101 (An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03 ...)
 	NOT-FOR-US: Tenda
 CVE-2026-23865 (An integer overflow in the tt_var_load_item_variation_store function o ...)
-	TODO: check
+	- freetype <unfixed>
+	NOTE: Fixed by: https://gitlab.com/freetype/freetype/-/commit/fc85a255849229c024c8e65f536fe1875d84841c (VER-2-14-2)
 CVE-2026-23600 (A remote authentication bypass vulnerability   exists in HPE AutoPass  ...)
 	NOT-FOR-US: HPE
 CVE-2026-21882 (theshit is a command-line utility that automatically detects and fixes ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0aa79bfc981f68e918e7a9316cd46f97eb930ea

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0aa79bfc981f68e918e7a9316cd46f97eb930ea
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260302/eb5a2fa8/attachment.htm>