[Git][security-tracker-team/security-tracker][master] Track fix via unstable for CVE-2026-28525/swupdate

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ae368a3e by Salvatore Bonaccorso at 2026-05-02T13:59:11+02:00
Track fix via unstable for CVE-2026-28525/swupdate

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4553,7 +4553,7 @@ CVE-2026-29051 (melange allows users to build apk packages using declarative pip
 CVE-2026-29050 (melange allows users to build apk packages using declarative pipelines ...)
 	NOT-FOR-US: melange
 CVE-2026-28525 (SWUpdate contains an integer underflow vulnerability in the multipart  ...)
-	- swupdate <unfixed>
+	- swupdate 2025.12+dfsg-9
 	NOTE: Fixed by: https://github.com/sbabic/swupdate/commit/beee2dc0feef1cfe84f1aa6fc980e104b2e47a74
 CVE-2026-27843 (A vulnerability exists inSenseLive X3050's web management interface th ...)
 	NOT-FOR-US: SenseLive



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae368a3e3558ce557551ff52f5a7781d78e0743c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae368a3e3558ce557551ff52f5a7781d78e0743c
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260502/27d78539/attachment.htm>