[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for Gitsign issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri May 15 22:55:27 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5394601e by Salvatore Bonaccorso at 2026-05-15T23:55:09+02:00
Add Debian bug reference for Gitsign issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -122,11 +122,11 @@ CVE-2026-44641 (Microsoft APM is an open-source, community-driven dependency man
 CVE-2026-44366 (Vvveb is a powerful and easy to use CMS with page builder to build web ...)
 	NOT-FOR-US: Vvveb
 CVE-2026-44310 (Gitsign is a keyless Sigstore to signing tool for Git commits with you ...)
-	- gitsign <unfixed>
+	- gitsign <unfixed> (bug #1136789)
 	NOTE: https://github.com/sigstore/gitsign/security/advisories/GHSA-7c37-gx6w-8vc5
 	NOTE: Fixed by: https://github.com/sigstore/gitsign/commit/d7565c405e188d1ad41d85d5f46adaeec4b85941 (v0.15.0)
 CVE-2026-44309 (Gitsign is a keyless Sigstore to signing tool for Git commits with you ...)
-	- gitsign <unfixed>
+	- gitsign <unfixed> (bug #1136789)
 	NOTE: https://github.com/sigstore/gitsign/security/advisories/GHSA-7rmh-48mx-2vwc
 	NOTE: Fixed by: https://github.com/sigstore/gitsign/commit/3c84d87240644b5c62b3b3d79177ae64448591c8 (v0.16.0)
 CVE-2026-44088 (SzafirHost verifies the signature of the downloaded JAR file using cla ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5394601ee62e0feb9a1bde26dab831af8a09aff3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5394601ee62e0feb9a1bde26dab831af8a09aff3
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260515/e4a97f95/attachment.htm>

More information about the debian-security-tracker-commits mailing list