[Git][security-tracker-team/security-tracker][master] Add Debian bug references for pypdf issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Mar 7 20:29:07 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0a3fd550 by Salvatore Bonaccorso at 2026-03-07T21:28:29+01:00
Add Debian bug references for pypdf issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -582,7 +582,7 @@ CVE-2026-29039 (changedetection.io is a free open source web page change detecti
 CVE-2026-29038 (changedetection.io is a free open source web page change detection too ...)
 	NOT-FOR-US: changedetection.io
 CVE-2026-28804 (pypdf is a free and open-source pure-python PDF library. Prior to vers ...)
-	- pypdf <unfixed>
+	- pypdf <unfixed> (bug #1130045)
 	- pypdf2 <removed>
 	NOTE: https://github.com/py-pdf/pypdf/security/advisories/GHSA-9m86-7pmv-2852
 	NOTE: https://github.com/py-pdf/pypdf/pull/3666
@@ -3026,7 +3026,7 @@ CVE-2026-28355 (Canarytokens help track activity and actions on a network. Versi
 CVE-2026-28352 (Indico is an event management system that uses Flask-Multipass, a mult ...)
 	NOT-FOR-US: Indico
 CVE-2026-28351 (pypdf is a free and open-source pure-python PDF library. Prior to vers ...)
-	- pypdf <unfixed>
+	- pypdf <unfixed> (bug #1130043)
 	[trixie] - pypdf <no-dsa> (Minor issue)
 	[bookworm] - pypdf <no-dsa> (Minor issue)
 	- pypdf2 <removed>
@@ -4333,7 +4333,7 @@ CVE-2026-27632 (Talishar is a fan-made Flesh and Blood project. Prior to commit
 CVE-2026-27629 (InvenTree is an Open Source Inventory Management System. Prior to vers ...)
 	NOT-FOR-US: InvenTree
 CVE-2026-27628 (pypdf is a free and open-source pure-python PDF library. Prior to 6.7. ...)
-	- pypdf <unfixed>
+	- pypdf <unfixed> (bug #1130042)
 	- pypdf2 <removed>
 	NOTE: https://github.com/py-pdf/pypdf/security/advisories/GHSA-2rw7-x74f-jg35
 	NOTE: https://github.com/py-pdf/pypdf/issues/3654



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a3fd55066d9c8b0c734527180c5d0a8bb1e3b8c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a3fd55066d9c8b0c734527180c5d0a8bb1e3b8c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260307/3838ece1/attachment.htm>

More information about the debian-security-tracker-commits mailing list