[Git][security-tracker-team/security-tracker][master] Add two new issues in cing

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue May 5 10:35:47 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
34275d5b by Salvatore Bonaccorso at 2026-05-05T11:35:13+02:00
Add two new issues in cing

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -187,9 +187,15 @@ CVE-2026-42154 (Prometheus is an open-source monitoring system and time series d
 CVE-2026-42151 (Prometheus is an open-source monitoring system and time series databas ...)
 	TODO: check
 CVE-2026-42146 (CImg Library is a C++ library for image processing. Prior to commit c3 ...)
-	TODO: check
+	- cimg <unfixed>
+	NOTE: https://github.com/GreycLab/CImg/security/advisories/GHSA-g54r-qmgx-c6fv
+	NOTE: https://github.com/GreycLab/CImg/issues/477
+	NOTE: Fixed by: https://github.com/GreycLab/CImg/commit/c3aacf5b96ac1e54b7af1957c6737dbf3949f6d3 (v3.7.5)
 CVE-2026-42144 (CImg Library is a C++ library for image processing. Prior to commit 4c ...)
-	TODO: check
+	- cimg <unfixed>
+	NOTE: https://github.com/GreycLab/CImg/security/advisories/GHSA-4663-63fm-44gc
+	NOTE: https://github.com/GreycLab/CImg/issues/478
+	NOTE: Fixed by: https://github.com/GreycLab/CImg/commit/4ca26bce4d8c61fcd1507d5f9401b9fb1222c27d (v3.7.5)
 CVE-2026-42140 (PlantUML Macro is a macro for rendering UML diagrams from simple textu ...)
 	NOT-FOR-US: XWiki
 CVE-2026-42138 (Dify is an open-source LLM app development platform. Prior to version  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34275d5be06a4a322185170f43fa2e83e23bd2b3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34275d5be06a4a322185170f43fa2e83e23bd2b3
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260505/2996f81a/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list