[Git][security-tracker-team/security-tracker][master] 3 commits: squirrel3: follow trixie triage

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Mon May 18 12:59:54 BST 2026 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
489422db by Sylvain Beucler at 2026-05-18T13:56:56+02:00
squirrel3: follow trixie triage

(not in bookworm)

- - - - -
97c05ad7 by Sylvain Beucler at 2026-05-18T13:58:45+02:00
CVE-2026-44673: bookworm's package is libyang2

- - - - -
28a994b0 by Sylvain Beucler at 2026-05-18T13:59:15+02:00
CVE-2026-44673/libyang: bullseye postponed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -702,8 +702,9 @@ CVE-2026-44678 (Tuist is a virtual platform team for Swift app devs. In 1.180.8
 CVE-2026-44673 (libyang is a YANG data modeling language library. Prior to SO 5.2.15,  ...)
 	- libyang <unfixed>
 	[trixie] - libyang <no-dsa> (Minor issue)
-	[bookworm] - libyang <no-dsa> (Minor issue)
+	[bullseye] - libyang <postponed> (Minor issue)
 	- libyang2 <removed>
+	[bookworm] - libyang2 <no-dsa> (Minor issue)
 	NOTE: https://github.com/CESNET/libyang/security/advisories/GHSA-vw2p-pq79-92xh
 CVE-2026-44671 (ZITADEL is an open source identity management platform. From 2.71.11 t ...)
 	NOT-FOR-US: Zitadel
@@ -4618,6 +4619,7 @@ CVE-2026-8262 (A vulnerability was identified in Devs Palace ERP Online up to 4.
 CVE-2026-8261 (A vulnerability was determined in Squirrel up to 3.2. This affects the ...)
 	- squirrel3 <unfixed>
 	[trixie] - squirrel3 <no-dsa> (Minor issue)
+	[bullseye] - squirrel3 <postponed> (Minor issue)
 	NOTE: https://github.com/albertodemichelis/squirrel/issues/326
 CVE-2026-8260 (A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impact ...)
 	NOT-FOR-US: D-Link
@@ -4626,6 +4628,7 @@ CVE-2026-8259 (A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The
 CVE-2026-8258 (A flaw has been found in Squirrel up to 3.2. Impacted is the function  ...)
 	- squirrel3 <unfixed>
 	[trixie] - squirrel3 <no-dsa> (Minor issue)
+	[bullseye] - squirrel3 <postponed> (Minor issue)
 	NOTE: https://github.com/albertodemichelis/squirrel/issues/325
 CVE-2026-8257 (A vulnerability was detected in WebAssembly Binaryen up to 117. This i ...)
 	- binaryen <unfixed> (unimportant)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ffc1c5ed54a95df88077fcb1d56b50c8f0de11ef...28a994b04367943251c20b43debb9d556204e175

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ffc1c5ed54a95df88077fcb1d56b50c8f0de11ef...28a994b04367943251c20b43debb9d556204e175
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260518/ad227b95/attachment.htm>

More information about the debian-security-tracker-commits mailing list