[Git][security-tracker-team/security-tracker][master] Add CVE-2026-44307/mako
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 14 10:40:44 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
74cd7a1b by Salvatore Bonaccorso at 2026-05-14T11:40:28+02:00
Add CVE-2026-44307/mako
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -938,7 +938,10 @@ CVE-2026-44347 (Warpgate is an open source SSH, HTTPS and MySQL bastion host for
CVE-2026-44341 (GoJobs is a REST API for a Job Board platform. The application exposes ...)
NOT-FOR-US: GoJobs
CVE-2026-44307 (Mako is a template library written in Python. Prior to 1.3.12, on Wind ...)
- TODO: check
+ - mako <not-affected> (Only affects Mako on Windows)
+ NOTE: https://github.com/sqlalchemy/mako/security/advisories/GHSA-2h4p-vjrc-8xpq
+ NOTE: https://github.com/sqlalchemy/mako/issues/435
+ NOTE: https://github.com/sqlalchemy/mako/commit/72e10c573ca0fbcbddd4455abca8ce92a61780d7 (rel_1_3_12)
CVE-2026-44306 (Statamic is a Laravel and Git powered content management system (CMS). ...)
NOT-FOR-US: Statamic
CVE-2026-44305 (Lemur manages TLS certificate creation. Prior to 1.9.0, when LDAP TLS ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74cd7a1b11c62721d30fd3684ba8be0cc923caed
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74cd7a1b11c62721d30fd3684ba8be0cc923caed
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260514/35492dd3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list