[Git][security-tracker-team/security-tracker][master] Add two more wolfssl issues

Fri Mar 20 22:16:28 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5a794a30 by Salvatore Bonaccorso at 2026-03-20T23:14:49+01:00
Add two more wolfssl issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -867,9 +867,13 @@ CVE-2026-30403 (There is an arbitrary file read vulnerability in the test connec
 CVE-2026-30402 (An issue in wgcloud v.2.3.7 and before allows a remote attacker to exe ...)
 	NOT-FOR-US: wgcloud
 CVE-2026-2646 (A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSL_d2i_S ...)
-	TODO: check
+	- wolfssl 5.9.0-0.1
+	NOTE: https://github.com/wolfSSL/wolfssl/pull/9748
+	NOTE: https://github.com/wolfSSL/wolfssl/pull/9949
 CVE-2026-2645 (In wolfSSL 5.8.2 and earlier, a logic flaw existed in the TLS 1.2 serv ...)
-	TODO: check
+	- wolfssl 5.9.0-0.1
+	NOTE: https://github.com/wolfSSL/wolfssl/pull/9694
+	NOTE: Fixed by: https://github.com/wolfSSL/wolfssl/commit/8902afdcea1a277011f31788a9899c6c8e225eca (v5.9.0-stable)
 CVE-2026-27070 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-27068 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a794a30eb7e78e5035d101d4a803b235f9f300b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a794a30eb7e78e5035d101d4a803b235f9f300b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260320/b1861569/attachment.htm>
