[Git][security-tracker-team/security-tracker][master] openvpn, nss DSA

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu May 21 21:36:13 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b6a8a147 by Moritz Mühlenhoff at 2026-05-21T22:35:46+02:00
openvpn, nss DSA

- - - - -


2 changed files:

- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/DSA/list
=====================================
@@ -1,3 +1,10 @@
+[21 May 2026] DSA-6290-1 nss - security update
+	{CVE-2026-6766 CVE-2026-6767 CVE-2026-6772}
+	[trixie] - nss 2:3.110-1+deb13u2
+[21 May 2026] DSA-6289-1 openvpn - security update
+	{CVE-2026-35058 CVE-2026-40215}
+	[bookworm] - openvpn 2.6.14-0+deb12u1
+	[trixie] - openvpn 2.6.14-1+deb13u2
 [21 May 2026] DSA-6288-1 thunderbird - security update
 	{CVE-2026-8388 CVE-2026-8391 CVE-2026-8401 CVE-2026-8946 CVE-2026-8947 CVE-2026-8950 CVE-2026-8953 CVE-2026-8954 CVE-2026-8955 CVE-2026-8956 CVE-2026-8957 CVE-2026-8958 CVE-2026-8961 CVE-2026-8962 CVE-2026-8968 CVE-2026-8970 CVE-2026-8974 CVE-2026-8975}
 	[bookworm] - thunderbird 1:140.11.0esr-1~deb12u1


=====================================
data/dsa-needed.txt
=====================================
@@ -72,14 +72,11 @@ modsecurity
 --
 netty
 --
-nss (jmm)
+nss/oldstable
 --
 opennds/oldstable
   pinged maintainer, but no reply yet. should most probably be bumped to 10.x
 --
-openvpn (jmm)
-  Maintainer already prepared debdiff for trixie, bookworm is harder, needs discussion
---
 pdfminer (carnil)
   Required followup for CVE-2025-64512 as original fix was incomplete.
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6a8a1479c08b9f00f338f1c36fcba97f30952e8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6a8a1479c08b9f00f338f1c36fcba97f30952e8
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260521/e1bdece1/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list