[Git][security-tracker-team/security-tracker][master] Add CVE-2026-34253/vorbis-tools

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun May 17 14:15:32 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
505b715d by Salvatore Bonaccorso at 2026-05-17T15:15:21+02:00
Add CVE-2026-34253/vorbis-tools

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -415,7 +415,11 @@ CVE-2026-38728 (An issue in Nodemailer smtp_server before v.3.18.3 allows a remo
 CVE-2026-35194 (Code injection in SQL code generation in Apache Flink 1.15.0 through 1 ...)
 	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-34253 (A buffer underflow vulnerability has been identified in the ogg123 uti ...)
-	TODO: check
+	- vorbis-tools <unfixed>
+	NOTE: https://gitlab.xiph.org/xiph/vorbis-tools/-/work_items/2332
+	NOTE: https://gitlab.xiph.org/xiph/vorbis-tools/-/merge_requests/27
+	NOTE: https://gitlab.xiph.org/xiph/vorbis-tools/-/commit/4bb4fb33b25949178179f689db9afb477abeb572
+	NOTE: https://gitlab.xiph.org/xiph/vorbis-tools/-/commit/cfc497a442f51fb4885e132deaf2e0ba067bd280
 CVE-2026-2031 (An Improper Access Controlvulnerability inseveral internal API endpoin ...)
 	NOT-FOR-US: Google Cloud
 CVE-2026-23695 (Cockpit CMS through version 2.14.0, patched in commit 72a83fc, contain ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/505b715d33a19b442d1ab7bd14490c1ade268252

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/505b715d33a19b442d1ab7bd14490c1ade268252
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260517/a0f2eeba/attachment.htm>

More information about the debian-security-tracker-commits mailing list