[Git][security-tracker-team/security-tracker][master] Add two new libcrypt-openssl-pkcs12-perl issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun May 17 20:34:11 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
61e0fd09 by Salvatore Bonaccorso at 2026-05-17T21:33:16+02:00
Add two new libcrypt-openssl-pkcs12-perl issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61,11 +61,16 @@ CVE-2026-8724 (A security flaw has been discovered in Dataease 2.10.20. Impacted
 CVE-2026-8723 (### Summary    `qs.stringify` throws `TypeError` when called with `arr ...)
 	TODO: check
 CVE-2026-8721 (Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwo ...)
-	TODO: check
+	- libcrypt-openssl-pkcs12-perl <unfixed>
+	NOTE: https://lists.security.metacpan.org/cve-announce/msg/40149249/
 CVE-2026-8719 (The AI Engine \u2013 The Chatbot, AI Framework & MCP for WordPress plu ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-8507 (Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out of boun ...)
-	TODO: check
+	- libcrypt-openssl-pkcs12-perl <unfixed>
+	NOTE: https://lists.security.metacpan.org/cve-announce/msg/40149247/
+	NOTE: https://github.com/dsully/perl-crypt-openssl-pkcs12/issues/55
+	NOTE: https://github.com/dsully/perl-crypt-openssl-pkcs12/issues/56
+	NOTE: Fixed by: https://github.com/dsully/perl-crypt-openssl-pkcs12/commit/b9d0469c6d8f5b5c6c2a45a3d0647a532b749397
 CVE-2026-6050
 	REJECTED
 CVE-2026-46720 (Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric inject ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61e0fd09ada3386443903cdb034378a97a327693

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61e0fd09ada3386443903cdb034378a97a327693
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260517/2e306189/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list