[Git][security-tracker-team/security-tracker][master] Ignore CVE-2026-7381 for trixie and bookworm

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue May 5 21:53:21 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4f25a392 by Salvatore Bonaccorso at 2026-05-05T22:52:49+02:00
Ignore CVE-2026-7381 for trixie and bookworm

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2885,10 +2885,11 @@ CVE-2026-33846 (A heap buffer overflow vulnerability exists in the DTLS handshak
 	NOTE: Fixed by: https://gitlab.com/gnutls/gnutls/-/commit/65ab33fa54e34fba69d793735b7df3d383d1ff78 (3.8.13)
 CVE-2026-7381 (Plack::Middleware::XSendfile versions through 1.0053 for Perl can allo ...)
 	- libplack-perl <unfixed> (bug #1135324)
-	[trixie] - libplack-perl <no-dsa> (Minor issue)
-	[bookworm] - libplack-perl <no-dsa> (Minor issue)
+	[trixie] - libplack-perl <ignored> (Minor issue)
+	[bookworm] - libplack-perl <ignored> (Minor issue)
 	[bullseye] - libplack-perl <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://lists.security.metacpan.org/cve-announce/msg/39467666/
+	NOTE: Plack::Middleware::XSendfile documented as deprecated.
 CVE-2026-40684 (In Exim before 4.99.2, on systems using musl libc (not glibc), an atta ...)
 	- exim4 4.99.2-1 (unimportant)
 	NOTE: Fixed by: https://code.exim.org/exim/exim/commit/628bbaca7672748d941a12e7cd5f0122a4e18c81



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f25a39256ab3d0af8d9981b78a7c9e8ac94987c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f25a39256ab3d0af8d9981b78a7c9e8ac94987c
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260505/6d31a9c3/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list