[Git][security-tracker-team/security-tracker][master] Add assigned CVE-2026-48829 for gsasl

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun May 24 06:52:26 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0ead90b0 by Salvatore Bonaccorso at 2026-05-24T07:51:13+02:00
Add assigned CVE-2026-48829 for gsasl

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4954,10 +4954,8 @@ CVE-2026-43480 (In the Linux kernel, the following vulnerability has been resolv
 	[trixie] - linux 6.12.85-1
 	[bookworm] - linux 6.1.170-1
 	NOTE: https://git.kernel.org/linus/53f3a900e9a383d47af7253076e19f510c5708d0 (7.0-rc4)
-CVE-2026-XXXX [NULL pointer dereference in DIGEST-MD5]
+CVE-2026-48829 [NULL pointer dereference in DIGEST-MD5]
 	- gsasl 2.2.3-1
-	[trixie] - gsasl 2.2.2-1.1+deb13u1
-	[bookworm] - gsasl 2.2.0-1+deb12u1
 	NOTE: https://lists.gnu.org/archive/html/help-gsasl/2026-05/msg00002.html
 	NOTE: Fixed by: https://codeberg.org/gsasl/gsasl/commit/da9b5ae2962b014879e4a406c3b38f25aa70e97a (v2.2.3)
 CVE-2026-XXXX [RUSTSEC-2026-0122]


=====================================
data/DSA/list
=====================================
@@ -86,6 +86,7 @@
 	{CVE-2025-23085 CVE-2025-23166 CVE-2025-55131 CVE-2025-59465 CVE-2025-59466 CVE-2026-21710 CVE-2026-21713 CVE-2026-21714}
 	[bookworm] - nodejs 18.20.4+dfsg-1~deb12u2
 [14 May 2026] DSA-6271-1 gsasl - security update
+	{CVE-2026-48829}
 	[bookworm] - gsasl 2.2.0-1+deb12u1
 	[trixie] - gsasl 2.2.2-1.1+deb13u1
 [14 May 2026] DSA-6270-1 postgresql-17 - security update



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ead90b01df6af6b396c334bc120d450eed68c17

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ead90b01df6af6b396c334bc120d450eed68c17
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260524/145162d9/attachment.htm>

More information about the debian-security-tracker-commits mailing list