[Git][security-tracker-team/security-tracker][master] Add CVE-2026-8328/python

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ce55b069 by Salvatore Bonaccorso at 2026-05-14T17:17:33+02:00
Add CVE-2026-8328/python

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -75,7 +75,15 @@ CVE-2026-8369 (Improper Input Validation in the NAT64 translator in The OpenThre
 CVE-2026-8367 (aria2c accepts a server certificate with incorrect Extended Key Usage  ...)
 	TODO: check
 CVE-2026-8328 (The ftpcp() function in Lib/ftplib.py was not updated when  CVE-2021-4 ...)
-	TODO: check
+	- python3.14 <unfixed>
+	- python3.13 <unfixed>
+	- python3.11 <removed>
+	- python3.9 <removed>
+	- python2.7 <removed>
+	- pypy3 <unfixed>
+	NOTE: https://mail.python.org/archives/list/security-announce@python.org/thread/ITF2BAPBQEPYK3LDMPRSY435JGNHYNDP/
+	NOTE: https://github.com/python/cpython/pull/149648
+	NOTE: https://github.com/python/cpython/commit/eac4fe3b2c77693790a5ef7dfab127c1fee81bf9
 CVE-2026-8280 (GitLab has remediated an issue in GitLab CE/EE affecting all versions  ...)
 	- gitlab <unfixed>
 CVE-2026-8181 (The Burst Statistics \u2013 Privacy-Friendly WordPress Analytics (Goog ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce55b06934ca55002c439e21f78b63f26f4ec8bb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce55b06934ca55002c439e21f78b63f26f4ec8bb
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260514/a65bf811/attachment-0001.htm>