[Git][security-tracker-team/security-tracker][master] Track fixed version for three apache-opennlp issues via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 6 09:26:56 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3ef33797 by Salvatore Bonaccorso at 2026-05-06T10:24:46+02:00
Track fixed version for three apache-opennlp issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -534,7 +534,7 @@ CVE-2026-42809 (Apache Polaris can issue broad temporary ("vended") storage cred
CVE-2026-42796 (Arelle before 2.39.10 contains an unauthenticated remote code executio ...)
NOT-FOR-US: Arelle
CVE-2026-42440 (OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP ...)
- - apache-opennlp <unfixed> (bug #1135782)
+ - apache-opennlp 2.5.9-1 (bug #1135782)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/01/21
NOTE: https://issues.apache.org/jira/browse/OPENNLP-1821
NOTE: https://github.com/apache/opennlp/pull/1022
@@ -640,7 +640,7 @@ CVE-2026-42052 (Beets is the media library management system. Prior to version 2
- beets <unfixed> (bug #1135779)
NOTE: https://github.com/beetbox/beets/security/advisories/GHSA-3gxm-wfjx-m847
CVE-2026-42027 (Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP Ext ...)
- - apache-opennlp <unfixed> (bug #1135782)
+ - apache-opennlp 2.5.9-1 (bug #1135782)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/01/20
NOTE: https://issues.apache.org/jira/browse/OPENNLP-1820
NOTE: https://github.com/apache/opennlp/pull/1021
@@ -669,7 +669,7 @@ CVE-2026-41471 (Easy PayPal Events & Tickets plugin for WordPress versions 1.3 a
CVE-2026-40797 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-40682 (XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache ...)
- - apache-opennlp <unfixed> (bug #1135782)
+ - apache-opennlp 2.5.9-1 (bug #1135782)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/01/19
NOTE: https://issues.apache.org/jira/browse/OPENNLP-1819
NOTE: https://github.com/apache/opennlp/pull/1019
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef33797e75007522888015310732dd11a4e840c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef33797e75007522888015310732dd11a4e840c
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260506/ced32771/attachment.htm>
More information about the debian-security-tracker-commits
mailing list