[Git][security-tracker-team/security-tracker][master] erlang spu
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Mar 30 16:48:35 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
41017a84 by Moritz Mühlenhoff at 2026-03-30T17:48:01+02:00
erlang spu
- - - - -
2 changed files:
- data/CVE/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -8353,18 +8353,24 @@ CVE-2026-24097 (Improper permission enforcement in Checkmk versions 2.4.0 before
- check-mk <removed>
CVE-2026-23943 (Improper Handling of Highly Compressed Data (Compression Bomb) vulnera ...)
- erlang 1:27.3.4.9+dfsg-1 (bug #1130912)
+ [trixie] - erlang <no-dsa> (Minor issue)
+ [bookworm] - erlang <no-dsa> (Minor issue)
NOTE: https://github.com/erlang/otp/security/advisories/GHSA-c836-qprm-jw9r
NOTE: Fixed by: https://github.com/erlang/otp/commit/43a87b949bdff12d629a8c34146711d9da93b1b1 (OTP-28.4.1)
NOTE: Fixed by: https://github.com/erlang/otp/commit/93073c3bd338c60cd2bae715ce6a1d4ffc1a8fd3 (OTP-27.3.4.9)
NOTE: Fixed by: https://github.com/erlang/otp/commit/0c1c04b191f6ab940e8fcfabce39eb5a8a6440a4 (OTP-26.2.5.18)
CVE-2026-23942 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- erlang 1:27.3.4.9+dfsg-1 (bug #1130912)
+ [trixie] - erlang <no-dsa> (Minor issue)
+ [bookworm] - erlang <no-dsa> (Minor issue)
NOTE: https://github.com/erlang/otp/security/advisories/GHSA-4749-w85x-hw9h
NOTE: Fixed by: https://github.com/erlang/otp/commit/27688a824f753d4c16371dc70e88753fb410590b (OTP-28.4.1)
NOTE: Fixed by: https://github.com/erlang/otp/commit/9e0ac85d3485e7898e0da88a14be0ee2310a3b28 (OTP-27.3.4.9)
NOTE: Fixed by: https://github.com/erlang/otp/commit/5ed603a1211b83b8be2d1fc06d3f3bf30c3c9759 (OTP-26.2.5.18)
CVE-2026-23941 (Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling' ...)
- erlang 1:27.3.4.9+dfsg-1 (bug #1130912)
+ [trixie] - erlang <no-dsa> (Minor issue)
+ [bookworm] - erlang <no-dsa> (Minor issue)
NOTE: https://github.com/erlang/otp/security/advisories/GHSA-w4jc-9wpv-pqh7
NOTE: Fixed by: https://github.com/erlang/otp/commit/a4b46336fd25aa100ac602eb9a627aaead7eda18 (OTP-28.4.1)
NOTE: Fixed by: https://github.com/erlang/otp/commit/a761d391d8d08316cbd7d4a86733ba932b73c45b (OTP-27.3.4.9)
=====================================
data/next-point-update.txt
=====================================
@@ -142,3 +142,11 @@ CVE-2026-33347
[trixie] - php-league-commonmark 2.7.0-1+deb13u1
CVE-2026-30838
[trixie] - php-league-commonmark 2.7.0-1+deb13u1
+CVE-2026-23943
+ [trixie] - erlang 1:27.3.4.1+dfsg-1+deb13u2
+CVE-2026-23942
+ [trixie] - erlang 1:27.3.4.1+dfsg-1+deb13u2
+CVE-2026-23941
+ [trixie] - erlang 1:27.3.4.1+dfsg-1+deb13u2
+CVE-2026-21620
+ [trixie] - erlang 1:27.3.4.1+dfsg-1+deb13u2
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41017a8471997de55a8e05842cbdcaedd6640e70
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41017a8471997de55a8e05842cbdcaedd6640e70
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260330/3b7f27d7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list