[Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2026-42510 in ironic for bullseye LTS.

Chris Lamb (@lamby) lamby at debian.org
Fri May 1 21:39:34 BST 2026 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c4d4eb38 by Chris Lamb at 2026-05-01T13:39:23-07:00
Triage CVE-2026-42510 in ironic for bullseye LTS.

- - - - -
7a64e380 by Chris Lamb at 2026-05-01T13:39:24-07:00
Triage CVE-2026-7381 in libplack-perl for bullseye LTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1655,6 +1655,7 @@ CVE-2026-7381 (Plack::Middleware::XSendfile versions through 1.0053 for Perl can
 	- libplack-perl <unfixed> (bug #1135324)
 	[trixie] - libplack-perl <no-dsa> (Minor issue)
 	[bookworm] - libplack-perl <no-dsa> (Minor issue)
+	[bullseye] - libplack-perl <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://lists.security.metacpan.org/cve-announce/msg/39467666/
 CVE-2026-40684 (In Exim before 4.99.2, on systems using musl libc (not glibc), an atta ...)
 	- exim4 4.99.2-1 (unimportant)
@@ -2568,6 +2569,7 @@ CVE-2026-42510 (OpenStack Ironic before 35.0.1 allows ipmitool execution in a no
 	- ironic <unfixed> (bug #1135255)
 	[trixie] - ironic <no-dsa> (Minor issue; can be fixed via point release)
 	[bookworm] - ironic <no-dsa> (Minor issue; can be fixed via point release)
+	[bullseye] - ironic <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://bugs.launchpad.net/ironic/+bug/2148331
 CVE-2026-41372 (OpenClaw before 2026.4.2 fails to normalize trailing-dot localhost hos ...)
 	NOT-FOR-US: OpenClaw



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b66529a4ca360e0be4431688e29597a0e8717fe1...7a64e380b8658fc7601946773436157730e3f849

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b66529a4ca360e0be4431688e29597a0e8717fe1...7a64e380b8658fc7601946773436157730e3f849
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260501/3b3daebd/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list