[Git][security-tracker-team/security-tracker][master] Add one new phpseclib issue
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Mar 21 07:37:07 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
169d503f by Salvatore Bonaccorso at 2026-03-21T08:36:48+01:00
Add one new phpseclib issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -441,7 +441,11 @@ CVE-2026-32938 (SiYuan is a personal knowledge management system. In versions 3.
CVE-2026-32937 (free5GC is an open source 5G core network. free5GC CHF prior to versio ...)
NOT-FOR-US: Free5GC
CVE-2026-32935 (phpseclib is a PHP secure communications library. Projects using versi ...)
- TODO: check
+ - php-phpseclib3 <unfixed>
+ - php-phpseclib <unfixed>
+ - phpseclib <unfixed>
+ NOTE: https://github.com/phpseclib/phpseclib/security/advisories/GHSA-94g3-g5v7-q4jg
+ NOTE: Fixed by: https://github.com/phpseclib/phpseclib/commit/ccc21aef71eb170e9bf819b167e67d1fd9e6e788 (3.0.50, 2.0.52, 1.0.27)
CVE-2026-32933 (AutoMapper is a convention-based object-object mapper in .NET. Version ...)
NOT-FOR-US: AutoMapper
CVE-2026-32891 (Anchorr is a Discord bot for requesting movies and TV shows and receiv ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/169d503fb4ccc2a93eba26f2c469b065fe45b2a9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/169d503fb4ccc2a93eba26f2c469b065fe45b2a9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260321/40daef6a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list