[Git][security-tracker-team/security-tracker][master] Add CVE-2026-28802/python-authlib

Fri Mar 6 21:04:53 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fc89ff43 by Salvatore Bonaccorso at 2026-03-06T22:04:19+01:00
Add CVE-2026-28802/python-authlib

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -321,7 +321,11 @@ CVE-2026-28804 (pypdf is a free and open-source pure-python PDF library. Prior t
 	NOTE: https://github.com/py-pdf/pypdf/pull/3666
 	NOTE: Fixed by: https://github.com/py-pdf/pypdf/commit/648c627d2657447dfb1773412af05a0a5103b98f (6.7.5)
 CVE-2026-28802 (Authlib is a Python library which builds OAuth and OpenID Connect serv ...)
-	TODO: check
+	- python-authlib 1.6.7-1
+	[bookworm] - python-authlib <not-affected> (Vulnerable code not present)
+	NOTE: https://github.com/authlib/authlib/security/advisories/GHSA-7wc2-qxgw-g8gg
+	NOTE: Introduced with: https://github.com/authlib/authlib/commit/a61c2acb807496e67f32051b5f1b1d5ccf8f0a75 (v1.6.0)
+	NOTE: Fixed by: https://github.com/authlib/authlib/commit/b87c32ed07b8ae7f805873e1c9cafd1016761df7 (v1.6.7)
 CVE-2026-28801 (Natro Macro is an open-source Bee Swarm Simulator macro written in Aut ...)
 	TODO: check
 CVE-2026-28800 (Natro Macro is an open-source Bee Swarm Simulator macro written in Aut ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc89ff4379c3e9e63dd0bdf0283627401c4bf326

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc89ff4379c3e9e63dd0bdf0283627401c4bf326
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260306/eade9b5c/attachment.htm>
