[Git][security-tracker-team/security-tracker][master] Mark keystone and ironic as no-dsa
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 1 15:53:11 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dd102ae4 by Salvatore Bonaccorso at 2026-05-01T16:52:58+02:00
Mark keystone and ironic as no-dsa
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1558,6 +1558,8 @@ CVE-2026-5306 (The Check & Log Email WordPress plugin before 2.0.13 does not pr
NOT-FOR-US: WordPress plugin
CVE-2026-42510 (OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-defa ...)
- ironic <unfixed> (bug #1135255)
+ [trixie] - ironic <no-dsa> (Minor issue; can be fixed via point release)
+ [bookworm] - ironic <no-dsa> (Minor issue; can be fixed via point release)
NOTE: https://bugs.launchpad.net/ironic/+bug/2148331
CVE-2026-41372 (OpenClaw before 2026.4.2 fails to normalize trailing-dot localhost hos ...)
NOT-FOR-US: OpenClaw
@@ -8000,6 +8002,8 @@ CVE-2026-40688 (An out-of-bounds write vulnerability [CWE-787] vulnerability in
NOT-FOR-US: Fortinet
CVE-2026-40683 (In OpenStack Keystone before 28.0.1, the LDAP identity backend does no ...)
- keystone 2:29.0.0~rc1-2 (bug #1133884)
+ [trixie] - keystone <no-dsa> (Minor issue; can be fixed via point release)
+ [bookworm] - keystone <no-dsa> (Minor issue; can be fixed via point release)
NOTE: https://review.opendev.org/c/openstack/keystone/+/958205
CVE-2026-40499 (radare2 prior to version 6.1.4 contains a command injection vulnerabil ...)
- radare2 <unfixed> (bug #1134622)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd102ae4cee8e31cd0a45e71f076f8a2401d1082
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd102ae4cee8e31cd0a45e71f076f8a2401d1082
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260501/b0d44de3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list