[Git][security-tracker-team/security-tracker][master] Track fix for bookworm for CVE-2026-45184/kdenlive

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 27 15:34:23 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
047278e7 by Salvatore Bonaccorso at 2026-05-27T16:33:41+02:00
Track fix for bookworm for CVE-2026-45184/kdenlive

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10138,8 +10138,6 @@ CVE-2026-45186 (In libexpat before 2.8.1, the computational complexity of attrib
 CVE-2026-45184 (Kdenlive before 26.04.1 allows dangerous proxy parameters when an atta ...)
 	{DSA-6299-1}
 	- kdenlive 26.04.1-1 (bug #1136172)
-	[trixie] - kdenlive <no-dsa> (Minor issue)
-	[bookworm] - kdenlive <no-dsa> (Minor issue)
 	[bullseye] - kdenlive <no-dsa> (Minor issue)
 	NOTE: https://kde.org/info/security/advisory-20260508-1.txt
 	NOTE: https://commits.kde.org/kdenlive/94042ddd259551e4a7a5f6672329752972c84685 (v26.04.0)


=====================================
data/DSA/list
=====================================
@@ -4,6 +4,7 @@
 	[trixie] - node-shell-quote 1.7.4+~1.7.1-1+deb13u1
 [26 May 2026] DSA-6299-1 kdenlive - security update
 	{CVE-2026-45184}
+	[bookworm] - kdenlive 22.12.3-2+deb12u2
 	[trixie] - kdenlive 24.12.3-2+deb13u1
 [26 May 2026] DSA-6298-1 imagemagick - security update
 	{CVE-2026-42050 CVE-2026-42326 CVE-2026-45031 CVE-2026-45358 CVE-2026-45359 CVE-2026-45624 CVE-2026-45664 CVE-2026-46520 CVE-2026-46521 CVE-2026-46522 CVE-2026-46523 CVE-2026-46557 CVE-2026-46559 CVE-2026-46692 CVE-2026-46693 CVE-2026-47165 CVE-2026-47166}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/047278e7a73c0123888ea77aed03ffd1f75168fa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/047278e7a73c0123888ea77aed03ffd1f75168fa
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260527/702422a6/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list