[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2026-42151/prometheus: bullseye not-affected

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Fri May 22 18:02:03 BST 2026 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c8d20a68 by Sylvain Beucler at 2026-05-22T18:53:25+02:00
CVE-2026-42151/prometheus: bullseye not-affected

- - - - -
12b66ee2 by Sylvain Beucler at 2026-05-22T18:57:13+02:00
htslib: follow bookworm triage

- - - - -
f77eebe1 by Sylvain Beucler at 2026-05-22T18:58:33+02:00
CVE-2026-8367/aria2: bullseye postponed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3706,6 +3706,7 @@ CVE-2026-8367 (aria2c accepts a server certificate with incorrect Extended Key U
 	- aria2 <unfixed>
 	[trixie] - aria2 <postponed> (Minor issue, revisit when fixed upstream)
 	[bookworm] - aria2 <postponed> (Minor issue, revisit when fixed upstream)
+	[bullseye] - aria2 <postponed> (Minor issue, revisit when fixed upstream)
 	NOTE: https://github.com/aria2/aria2/issues/2355
 CVE-2026-8328 (The ftpcp() function in Lib/ftplib.py was not updated when  CVE-2021-4 ...)
 	- python3.14 <unfixed>
@@ -11959,6 +11960,7 @@ CVE-2026-42154 (Prometheus is an open-source monitoring system and time series d
 	NOTE: https://github.com/prometheus/prometheus/pull/18585
 CVE-2026-42151 (Prometheus is an open-source monitoring system and time series databas ...)
 	- prometheus <unfixed> (bug #1135999)
+	[bullseye] - prometheus <not-affected> (Azure AD module introduced in v2.45)
 	NOTE: https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj
 	NOTE: https://github.com/prometheus/prometheus/pull/18587
 	NOTE: https://github.com/prometheus/prometheus/pull/18590
@@ -38333,36 +38335,42 @@ CVE-2026-31971 (HTSlib is a library for reading and writing bioinformatics file
 	- htslib <unfixed> (bug #1131493)
 	[trixie] - htslib <no-dsa> (Minor issue)
 	[bookworm] - htslib <no-dsa> (Minor issue)
+	[bullseye] - htslib <postponed> (Minor issue)
 	NOTE: https://github.com/samtools/htslib/security/advisories/GHSA-jvx4-4wq7-6fmh
 	NOTE: Fixed by: https://github.com/samtools/htslib/commit/01cd003b46fa2ebea4d9be5475b11217eb4c11be (1.23.1)
 CVE-2026-31970 (HTSlib is a library for reading and writing bioinformatics file format ...)
 	- htslib <unfixed> (bug #1131493)
 	[trixie] - htslib <no-dsa> (Minor issue)
 	[bookworm] - htslib <no-dsa> (Minor issue)
+	[bullseye] - htslib <postponed> (Minor issue)
 	NOTE: https://github.com/samtools/htslib/security/advisories/GHSA-p345-84hx-fq6q
 	NOTE: Fixed by: https://github.com/samtools/htslib/commit/6dd0d7d0e9e7e2e173a28969e624db8bc8bb5828 (1.23.1)
 CVE-2026-31969 (HTSlib is a library for reading and writing bioinformatics file format ...)
 	- htslib <unfixed> (bug #1131493)
 	[trixie] - htslib <no-dsa> (Minor issue)
 	[bookworm] - htslib <no-dsa> (Minor issue)
+	[bullseye] - htslib <postponed> (Minor issue)
 	NOTE: https://github.com/samtools/htslib/security/advisories/GHSA-q4cj-f4h5-fqgc
 	NOTE: Fixed by: https://github.com/samtools/htslib/commit/88cdf69e4b83bb550ab4f6f7134892c2ad1978f4 (1.23.1)
 CVE-2026-31968 (HTSlib is a library for reading and writing bioinformatics file format ...)
 	- htslib <unfixed> (bug #1131493)
 	[trixie] - htslib <no-dsa> (Minor issue)
 	[bookworm] - htslib <no-dsa> (Minor issue)
+	[bullseye] - htslib <postponed> (Minor issue)
 	NOTE: https://github.com/samtools/htslib/security/advisories/GHSA-cgcm-c9r2-p57j
 	NOTE: Fixed by: https://github.com/samtools/htslib/commit/0ec436796eca7b4ce7fcc9b77270c102da29bb2e (1.23.1)
 CVE-2026-31967 (HTSlib is a library for reading and writing bioinformatics file format ...)
 	- htslib <unfixed> (bug #1131493)
 	[trixie] - htslib <no-dsa> (Minor issue)
 	[bookworm] - htslib <no-dsa> (Minor issue)
+	[bullseye] - htslib <postponed> (Minor issue)
 	NOTE: https://github.com/samtools/htslib/security/advisories/GHSA-33x5-c6vj-8f2w
 	NOTE: Fixed by: https://github.com/samtools/htslib/commit/9cefb46453ad471e933b8212d4f45920524d3357 (1.23.1)
 CVE-2026-31966 (HTSlib is a library for reading and writing bioinformatics file format ...)
 	- htslib <unfixed> (bug #1131493)
 	[trixie] - htslib <no-dsa> (Minor issue)
 	[bookworm] - htslib <no-dsa> (Minor issue)
+	[bullseye] - htslib <postponed> (Minor issue)
 	NOTE: https://github.com/samtools/htslib/security/advisories/GHSA-5cj8-mj52-8vp3
 	NOTE: Fixed by: https://github.com/samtools/htslib/commit/4a5ef25eb1fb3d64438103316fffe423b2c3f5f4 (1.23.1)
 	NOTE: Fixed by: https://github.com/samtools/htslib/commit/22ec5230ef95769ab009420da69568c7e530af28 (1.23.1)
@@ -38371,24 +38379,28 @@ CVE-2026-31965 (HTSlib is a library for reading and writing bioinformatics file
 	- htslib <unfixed> (bug #1131493)
 	[trixie] - htslib <no-dsa> (Minor issue)
 	[bookworm] - htslib <no-dsa> (Minor issue)
+	[bullseye] - htslib <postponed> (Minor issue)
 	NOTE: https://github.com/samtools/htslib/security/advisories/GHSA-mqm2-v645-3qhr
 	NOTE: Fixed by: https://github.com/samtools/htslib/commit/9cefb46453ad471e933b8212d4f45920524d3357 (1.23.1)
 CVE-2026-31964 (HTSlib is a library for reading and writing bioinformatics file format ...)
 	- htslib <unfixed> (bug #1131493)
 	[trixie] - htslib <no-dsa> (Minor issue)
 	[bookworm] - htslib <no-dsa> (Minor issue)
+	[bullseye] - htslib <postponed> (Minor issue)
 	NOTE: https://github.com/samtools/htslib/security/advisories/GHSA-5w97-85gf-86rm
 	NOTE: Fixed by: https://github.com/samtools/htslib/commit/e64e68da567d2309509d059ace016d5d7fc7514f (1.23.1)
 CVE-2026-31963 (HTSlib is a library for reading and writing bioinformatics file format ...)
 	- htslib <unfixed> (bug #1131493)
 	[trixie] - htslib <no-dsa> (Minor issue)
 	[bookworm] - htslib <no-dsa> (Minor issue)
+	[bullseye] - htslib <postponed> (Minor issue)
 	NOTE: https://github.com/samtools/htslib/security/advisories/GHSA-qgqh-h2q9-7w3c
 	NOTE: Fixed by: https://github.com/samtools/htslib/commit/8bcc9907be0f945ddc31796d64f078fa05456acd (1.23.1)
 CVE-2026-31962 (HTSlib is a library for reading and writing bioinformatics file format ...)
 	- htslib <unfixed> (bug #1131493)
 	[trixie] - htslib <no-dsa> (Minor issue)
 	[bookworm] - htslib <no-dsa> (Minor issue)
+	[bullseye] - htslib <postponed> (Minor issue)
 	NOTE: https://github.com/samtools/htslib/security/advisories/GHSA-xxmp-v7h3-gpwp
 	NOTE: Fixed by: https://github.com/samtools/htslib/commit/d799b54c6401879187bba4741be83ff590ac73e3 (1.23.1)
 CVE-2026-30704 (The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) exposes an  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/53d2fe2d903bb4100fbdf3a5f0c623045b4cb3e3...f77eebe18f736034c5713e4074b29a9003a1a361

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/53d2fe2d903bb4100fbdf3a5f0c623045b4cb3e3...f77eebe18f736034c5713e4074b29a9003a1a361
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260522/ba115505/attachment.htm>

More information about the debian-security-tracker-commits mailing list