[Git][security-tracker-team/security-tracker][master] Add CVE-2026-34085/fontconfig

Thu Mar 26 10:16:40 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6906063a by Salvatore Bonaccorso at 2026-03-26T11:16:19+01:00
Add CVE-2026-34085/fontconfig

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -295,7 +295,9 @@ CVE-2026-3210 (Incorrect Authorization vulnerability in Drupal Material Icons al
 CVE-2026-3126
 	REJECTED
 CVE-2026-34085 (fontconfig before 2.17.1 has an off-by-one error in allocation during  ...)
-	TODO: check
+	- fontconfig 2.17.1-3
+	NOTE: https://gitlab.freedesktop.org/fontconfig/fontconfig/-/work_items/481
+	NOTE: Fixed by: https://gitlab.freedesktop.org/fontconfig/fontconfig/-/commit/b9bec06d73340f1b5727302d13ac3df307b7febc (2.17.1)
 CVE-2026-33809 (A maliciously crafted TIFF file can cause image decoding to attempt to ...)
 	TODO: check
 CVE-2026-33751 (n8n is an open source workflow automation platform. Prior to versions  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6906063acd44e41871d1cda60c1ffbb3219e15e5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6906063acd44e41871d1cda60c1ffbb3219e15e5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260326/d8b77a75/attachment-0001.htm>
