[Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2026-4897
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Mar 29 16:49:50 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
21fb4f93 by Salvatore Bonaccorso at 2026-03-29T17:48:41+02:00
Add upstream commit reference for CVE-2026-4897
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -876,7 +876,7 @@ CVE-2026-4923 (Impact: When using multiple wildcards, combined with at least on
CVE-2026-4897 (A flaw was found in polkit. A local user can exploit this by providing ...)
- policykit-1 <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2451739
- TODO: check upstream details
+ NOTE: Fixed by: https://github.com/polkit-org/polkit/commit/7e122c8a5120c2aae2d9d44a26796dc18f5b677c
CVE-2026-4887 (A flaw was found in GIMP. This issue is a heap buffer over-read in GIM ...)
- gimp 3.2.0-1 (unimportant)
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15960
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21fb4f9315b486acff1421d0b68f00dacbbd9429
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21fb4f9315b486acff1421d0b68f00dacbbd9429
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260329/5a81486a/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list