[Git][security-tracker-team/security-tracker][master] 4 commits: Add embeds of/in packages I maintain.

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 2 14:59:53 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a292e7b8 by Andrius Merkys at 2026-04-29T02:23:29-04:00
Add embeds of/in packages I maintain.

- - - - -
78e247af by Andrius Merkys at 2026-04-29T02:25:13-04:00
Merge branch 'master' into embedded-code-copies-games-multimedia

- - - - -
96175bf4 by Andrius Merkys at 2026-04-29T03:16:45-04:00
vst3sdk unembed from juce has bug report.

- - - - -
8c2d49ab by Salvatore Bonaccorso at 2026-05-02T15:59:51+02:00
Merge branch 'embedded-code-copies-games-multimedia' into 'master'

embedded-code-copies: embeds in games and multimedia teams

See merge request security-tracker-team/security-tracker!288
- - - - -


1 changed file:

- data/embedded-code-copies


Changes:

=====================================
data/embedded-code-copies
=====================================
@@ -3607,6 +3607,7 @@ libstb
 	- sumo 1.24.0+dfsg2-1 (embed; bug #950251)
 	- yquake2 <unfixed> (embed; bug #950252)
 	- dart <unfixed> (modified-embed)
+	- raylib <unfixed> (embed)
 
 http-parser
 	- nodejs <unfixed> (embed)
@@ -3925,6 +3926,7 @@ dr_flac (not packaged in Debian)
 	- libsdl2-mixer <not-affected> (embed)
 	NOTE: libsdl2-mixer embedds vulnerable code in dr_flac, but is compiled with coded
 	NOTE: disabled via --enable-music-flac-libflac --disable-music-flac-drflac
+	- raylib <unfixed> (embed)
 
 libcrypto++
 	- cryfs 0.11.4-5 (modified-embed; bug #1108008)
@@ -3946,3 +3948,14 @@ picohttpparser (itp: #1132124)
 	- identity4c <unfixed> (embed)
 	- libhttp-parser-xs-perl <unfixed> (embed)
 	- monitoring-plugins <unfixed> (embed)
+
+vst3sdk
+	- ardour <unfixed> (embed)
+	- juce <unfixed> (embed; bug #1135201)
+	- qtractor <unfixed> (embed)
+
+rapidjson
+	- vst3sdk <unfixed> (modified-embed)
+
+nanovg
+	- bespokesynth <unfixed> (embed)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1fd378c06736f1df3a8f99e54656ba73be740c76...8c2d49ab9b526a5d8a33ee0d03285044e19eea9a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1fd378c06736f1df3a8f99e54656ba73be740c76...8c2d49ab9b526a5d8a33ee0d03285044e19eea9a
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260502/c2a996cb/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list