[Git][security-tracker-team/security-tracker][master] Add new python-authlib issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Mar 16 21:57:45 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a5931d81 by Salvatore Bonaccorso at 2026-03-16T22:57:20+01:00
Add new python-authlib issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -147,13 +147,19 @@ CVE-2026-29513 (Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a s
CVE-2026-29510 (Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a stored ...)
NOT-FOR-US: Hereta
CVE-2026-28498 (Authlib is a Python library which builds OAuth and OpenID Connect serv ...)
- TODO: check
+ - python-authlib 1.6.9-1
+ NOTE: https://github.com/authlib/authlib/security/advisories/GHSA-m344-f55w-2m6j
+ NOTE: Fixed by: https://github.com/authlib/authlib/commit/b9bb2b25bf8b7e01512d847a95c1749646eaa72b (v1.6.9)
CVE-2026-28490 (Authlib is a Python library which builds OAuth and OpenID Connect serv ...)
- TODO: check
+ - python-authlib 1.6.9-1
+ NOTE: https://github.com/authlib/authlib/security/advisories/GHSA-7432-952r-cw78
+ NOTE: Fixed by: https://github.com/authlib/authlib/commit/48b345f29f6c459f11c6a40162b6c0b742ef2e22 (v1.6.9)
CVE-2026-28430 (Chamilo LMS is a learning management system. Prior to version 1.11.34, ...)
NOT-FOR-US: Chamilo LMS
CVE-2026-27962 (Authlib is a Python library which builds OAuth and OpenID Connect serv ...)
- TODO: check
+ - python-authlib 1.6.9-1
+ NOTE: https://github.com/authlib/authlib/security/advisories/GHSA-wvwj-cvrp-7pv5
+ NOTE: Fixed by: https://github.com/authlib/authlib/commit/a5d4b2d4c9e46bfa11c82f85fdc2bcc0b50ae681 (v1.6.9)
CVE-2026-26304 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2 fail to verify ...)
- mattermost-server <itp> (bug #823556)
CVE-2026-26246 (Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5931d81ab8daa9f9c1fb2ecb5622e17bdfeebda
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5931d81ab8daa9f9c1fb2ecb5622e17bdfeebda
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260316/39767042/attachment.htm>
More information about the debian-security-tracker-commits
mailing list