[Git][security-tracker-team/security-tracker][master] CVE-2026-6245/sssd: introductory commit + bullseye not-affected
Sylvain Beucler (@beuc)
gitlab at salsa.debian.org
Wed May 20 19:00:41 BST 2026
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8f686817 by Sylvain Beucler at 2026-05-20T19:59:20+02:00
CVE-2026-6245/sssd: introductory commit + bullseye not-affected
More generally src/responder/pam/pamsrv_passkey.c introduced in 2.9.0,
bookworm shouldn't be affected either.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -20696,9 +20696,11 @@ CVE-2026-6245 (A flaw was found in the System Security Services Daemon (SSSD). T
- sssd <unfixed> (bug #1134269)
[trixie] - sssd <no-dsa> (Minor issue)
[bookworm] - sssd <no-dsa> (Minor issue)
+ [bullseye] - sssd <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2457954
NOTE: https://github.com/SSSD/sssd/pull/8622
NOTE: Fixed by: https://github.com/SSSD/sssd/commit/550b08cabe4dd5508c7ea74f634869374204d63f (2.13.0)
+ NOTE: Introduced by: https://github.com/SSSD/sssd/commit/c76ba343b783718468a3a108346d424f9a70eb76 (v2.9.0)
CVE-2026-6384 (A flaw was found in gimp. This buffer overflow vulnerability in the GI ...)
- gimp 3.2.2-1
[trixie] - gimp <not-affected> (Vulnerable code not present)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f686817480694779b85af7a87474d2e70795629
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f686817480694779b85af7a87474d2e70795629
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260520/8dd9a065/attachment.htm>
More information about the debian-security-tracker-commits
mailing list