[Git][security-tracker-team/security-tracker][master] Track CVE-2026-3305{5,6} as well for rustc as they have security impact in rustc
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Mar 26 15:05:45 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b5d0bf53 by Salvatore Bonaccorso at 2026-03-26T16:04:36+01:00
Track CVE-2026-3305{5,6} as well for rustc as they have security impact in rustc
Thanks: Fabian Grünbichler
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4115,11 +4115,13 @@ CVE-2026-33060 (CKAN MCP Server is a tool for querying CKAN open data portals. V
CVE-2026-33057 (Mesop is a Python-based UI framework that allows users to build web ap ...)
NOT-FOR-US: Mesop
CVE-2026-33056 (tar-rs is a tar archive reading/writing library for Rust. In versions ...)
+ - rustc <unfixed>
- rust-tar 0.4.45-1 (bug #1131481)
NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0067.html
NOTE: https://github.com/alexcrichton/tar-rs/security/advisories/GHSA-j4xf-2g29-59ph
NOTE: Fixed by: https://github.com/alexcrichton/tar-rs/commit/17b1fd84e632071cb8eef9d3709bf347bd266446 (0.4.45)
CVE-2026-33055 (tar-rs is a tar archive reading/writing library for Rust. Versions 0.4 ...)
+ - rustc <unfixed>
- rust-tar 0.4.45-1 (bug #1131480)
NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0068.html
NOTE: https://github.com/alexcrichton/tar-rs/security/advisories/GHSA-gchp-q4r4-x4ff
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5d0bf530e695e92334087f0233a0446619b960f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5d0bf530e695e92334087f0233a0446619b960f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260326/7a896137/attachment.htm>
More information about the debian-security-tracker-commits
mailing list