[Git][security-tracker-team/security-tracker][master] Remove listing of CVE-2026-45232

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 20 15:38:55 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b7fff3d7 by Salvatore Bonaccorso at 2026-05-20T16:38:39+02:00
Remove listing of CVE-2026-45232

It was fixed upstream but not included in the big patchset for rsync.
Retrospectively fix the listing (although too late for the advisory
itself sent out).

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -503,6 +503,8 @@ CVE-2026-43620 (Rsync version3.4.2 and prior contain a receiver-side out-of-boun
 	NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/6
 CVE-2026-45232 (Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack  ...)
 	- rsync 3.4.3+ds1-1
+	[trixie] - rsync <no-dsa> (Minor issue)
+	[bookworm] - rsync <no-dsa> (Minor issue)
 	NOTE: https://download.samba.org/pub/rsync/NEWS#3.4.3
 	NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/6
 CVE-2026-5090 (Template::Plugin::HTML versions through 3.102 for Perl allows HTML and ...)


=====================================
data/DSA/list
=====================================
@@ -1,5 +1,5 @@
 [20 May 2026] DSA-6282-1 rsync - security update
-	{CVE-2026-29518 CVE-2026-43617 CVE-2026-43618 CVE-2026-43619 CVE-2026-43620 CVE-2026-45232}
+	{CVE-2026-29518 CVE-2026-43617 CVE-2026-43618 CVE-2026-43619 CVE-2026-43620}
 	[bookworm] - rsync 3.2.7-1+deb12u5
 	[trixie] - rsync 3.4.1+ds1-5+deb13u3
 [19 May 2026] DSA-6281-1 gnutls28 - security update



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7fff3d766549e460718474e0dffd574569f9ab3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7fff3d766549e460718474e0dffd574569f9ab3
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260520/e7776823/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list