[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-41409 for bookworm
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon May 4 13:17:39 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9a16503b by Salvatore Bonaccorso at 2026-05-04T14:15:37+02:00
Update status for CVE-2026-41409 for bookworm
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3330,7 +3330,7 @@ CVE-2026-41462 (ProjeQtor versions 7.0 through 12.4.3 contain an unauthenticated
CVE-2026-41409 (The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() ...)
- mina2 <unfixed> (bug #1135347)
[trixie] - mina2 <no-dsa> (Minor issue)
- [bookworm] - mina2 <no-dsa> (Minor issue)
+ [bookworm] - mina2 <not-affected> (Incomplete fix for CVE-2024-52046 not applied)
- mina <not-affected> (Incomplete fix for CVE-2024-52046 not applied)
NOTE: https://lists.apache.org/thread/9ddvsq6c4l5bhwq8l14sob4f8qjvx5c9
NOTE: Issue exists because of an incomplete fix for CVE-2024-52046
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a16503b6de24791f57e996cbb5e6ed0dd311208
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a16503b6de24791f57e996cbb5e6ed0dd311208
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260504/0fae1c9d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list