[Git][security-tracker-team/security-tracker][master] Add one new busybox issue

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 6 07:51:29 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dbac9135 by Salvatore Bonaccorso at 2026-05-06T08:49:33+02:00
Add one new busybox issue

At point of commit the url were not accessible to the git repository.
Might be worth updating them to a stable mirror of busybox.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -643,7 +643,9 @@ CVE-2026-29169 (A NULL pointer dereference in mod_dav_lock in Apache HTTP Server
 	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-29169
 	NOTE: https://github.com/apache/httpd/commit/225dc070adba11040b774cf641e1d8bc79941643 (2.4.67-rc1-candidate)
 CVE-2026-29004 (BusyBox before commit 42202bf contains a heap buffer overflow vulnerab ...)
-	TODO: check
+	- busybox <unfixed>
+	NOTE: https://git.busybox.net/busybox/commit/archival?id=42202bfb1e6ac51fa995beda8be4d7b654aeee2a
+	NOTE: https://git.busybox.net/busybox/commit/archival?id=d368f3f7836d1c2484c8f839316e5c93e76d4409
 CVE-2026-26956 (vm2 is an open source vm/sandbox for Node.js. In version 3.10.4, vm2 i ...)
 	NOT-FOR-US: vm2
 CVE-2026-26332 (vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dbac913565d062057614fc147311c327f1b5b4cb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dbac913565d062057614fc147311c327f1b5b4cb
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260506/3f9d14db/attachment.htm>

More information about the debian-security-tracker-commits mailing list