[Git][security-tracker-team/security-tracker][master] Add three new issues in pjproject

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Mar 20 21:35:14 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a98494d8 by Salvatore Bonaccorso at 2026-03-20T22:34:40+01:00
Add three new issues in pjproject

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -117,7 +117,9 @@ CVE-2026-33071 (FileRise is a self-hosted web file manager / WebDAV server. In v
 CVE-2026-33070 (FileRise is a self-hosted web file manager / WebDAV server. In version ...)
 	NOT-FOR-US: FileRise
 CVE-2026-33069 (PJSIP is a free and open source multimedia communication library writt ...)
-	TODO: check
+	- pjproject <removed>
+	NOTE: https://github.com/pjsip/pjproject/security/advisories/GHSA-x5pq-qrp4-fmrj
+	NOTE: https://github.com/pjsip/pjproject/commit/f0fa32a226df5f87a9903093e5d145ebb69734db
 CVE-2026-33068 (Claude Code is an agentic coding tool. Versions prior to 2.1.53 resolv ...)
 	NOT-FOR-US: Claude Code
 CVE-2026-33067 (SiYuan is a personal knowledge management system. Versions 3.6.0 and b ...)
@@ -407,9 +409,14 @@ CVE-2026-32947 (Harden-Runner is a CI/CD security agent that works like an EDR f
 CVE-2026-32946 (Harden-Runner is a CI/CD security agent that works like an EDR for Git ...)
 	NOT-FOR-US: Harden-Runner
 CVE-2026-32945 (PJSIP is a free and open source multimedia communication library writt ...)
-	TODO: check
+	- pjproject <removed>
+	NOTE: https://github.com/pjsip/pjproject/security/advisories/GHSA-jr2p-p2w4-rr9q
+	NOTE: https://github.com/pjsip/pjproject/commit/5311aee398ae9d623829a6bad7b679a193c9e199
 CVE-2026-32942 (PJSIP is a free and open source multimedia communication library writt ...)
-	TODO: check
+	- pjproject <removed>
+	NOTE: https://github.com/pjsip/pjproject/security/advisories/GHSA-g88q-c2hm-q7p7
+	NOTE: https://github.com/pjsip/pjproject/issues/1451
+	NOTE: https://github.com/pjsip/pjproject/commit/c9caceddabda7f18337b2a82d25d65f6224b450a
 CVE-2026-32941 (Sliver is a command and control framework that uses a custom Wireguard ...)
 	NOT-FOR-US: Sliver
 CVE-2026-32940 (SiYuan is a personal knowledge management system. In versions 3.6.0 an ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a98494d839f9340cdf22abae0408ca9b1c362e12

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a98494d839f9340cdf22abae0408ca9b1c362e12
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260320/11caf1b2/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list