[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for erlang issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Mar 15 20:10:32 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cf4f6374 by Salvatore Bonaccorso at 2026-03-15T21:08:38+01:00
Add Debian bug reference for erlang issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -529,19 +529,19 @@ CVE-2026-26954 (SandboxJS is a JavaScript sandboxing library. Prior to 0.8.34, i
CVE-2026-24097 (Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0 ...)
- check-mk <removed>
CVE-2026-23943 (Improper Handling of Highly Compressed Data (Compression Bomb) vulnera ...)
- - erlang <unfixed>
+ - erlang <unfixed> (bug #1130912)
NOTE: https://github.com/erlang/otp/security/advisories/GHSA-c836-qprm-jw9r
NOTE: Fixed by: https://github.com/erlang/otp/commit/43a87b949bdff12d629a8c34146711d9da93b1b1 (OTP-28.4.1)
NOTE: Fixed by: https://github.com/erlang/otp/commit/93073c3bd338c60cd2bae715ce6a1d4ffc1a8fd3 (OTP-27.3.4.9)
NOTE: Fixed by: https://github.com/erlang/otp/commit/0c1c04b191f6ab940e8fcfabce39eb5a8a6440a4 (OTP-26.2.5.18)
CVE-2026-23942 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- - erlang <unfixed>
+ - erlang <unfixed> (bug #1130912)
NOTE: https://github.com/erlang/otp/security/advisories/GHSA-4749-w85x-hw9h
NOTE: Fixed by: https://github.com/erlang/otp/commit/27688a824f753d4c16371dc70e88753fb410590b (OTP-28.4.1)
NOTE: Fixed by: https://github.com/erlang/otp/commit/9e0ac85d3485e7898e0da88a14be0ee2310a3b28 (OTP-27.3.4.9)
NOTE: Fixed by: https://github.com/erlang/otp/commit/5ed603a1211b83b8be2d1fc06d3f3bf30c3c9759 (OTP-26.2.5.18)
CVE-2026-23941 (Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling' ...)
- - erlang <unfixed>
+ - erlang <unfixed> (bug #1130912)
NOTE: https://github.com/erlang/otp/security/advisories/GHSA-w4jc-9wpv-pqh7
NOTE: Fixed by: https://github.com/erlang/otp/commit/a4b46336fd25aa100ac602eb9a627aaead7eda18 (OTP-28.4.1)
NOTE: Fixed by: https://github.com/erlang/otp/commit/a761d391d8d08316cbd7d4a86733ba932b73c45b (OTP-27.3.4.9)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf4f6374c899736d2e10cebc039bbd8777f49f50
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf4f6374c899736d2e10cebc039bbd8777f49f50
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260315/7df3284e/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list