[Git][security-tracker-team/security-tracker][master] mark poetry as fixed starting with trixie
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri May 8 15:38:47 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b9343f07 by Moritz Muehlenhoff at 2026-05-08T16:38:17+02:00
mark poetry as fixed starting with trixie
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8674,12 +8674,12 @@ CVE-2026-41322 (@astrojs/node allows Astro to deploy your SSR site to Node targe
CVE-2026-41321 (@astrojs/cloudflare is an SSR adapter for use with Cloudflare Workers ...)
NOT-FOR-US: @astrojs/cloudflare
CVE-2026-41140 (Poetry is a dependency manager for Python. Prior to 2.3.4, the extract ...)
- - poetry <unfixed>
- [trixie] - poetry <not-affected> (Trixie ships Python 3.13)
+ - poetry 2.1.2+dfsg-1
[bookworm] - poetry <no-dsa> (Minor issue)
NOTE: https://github.com/python-poetry/poetry/security/advisories/GHSA-73h3-mf4w-8647
NOTE: Fixed by: https://github.com/python-poetry/poetry/commit/47e97340cae50d3698aac858732788861ba8dd1f (main)
NOTE: Fixed by: https://github.com/python-poetry/poetry/commit/e512e7fc5557251c7c9c59d0029506e77db1ea18 (2.3.4)
+ NOTE: Only an issue with old Python, marking the version in trixie as the first fixed version since it ships Python 3.13
CVE-2026-41079 (OpenPrinting CUPS is an open source printing system for Linux and othe ...)
- cups 2.4.17-1
NOTE: https://github.com/OpenPrinting/cups/security/advisories/GHSA-6wpw-g8g6-wvrv
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9343f07af1c344ab05c17e5cce3bfd94b77e7ef
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9343f07af1c344ab05c17e5cce3bfd94b77e7ef
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260508/01846c8d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list