[Git][security-tracker-team/security-tracker][master] Add new mpd issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 29 08:33:28 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ee180482 by Salvatore Bonaccorso at 2026-05-29T09:32:46+02:00
Add new mpd issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -296,13 +296,21 @@ CVE-2026-49299 (In OpenStack Neutron before 28.0.1, the tagging controller enfor
- neutron 2:28.0.0-4 (bug #1138172)
NOTE: https://security.openstack.org/ossa/OSSA-2026-016.html
CVE-2026-49130 (Music Player Daemon (MPD) before version 0.24.11 contains a CRLF injec ...)
- TODO: check
+ - mpd <unfixed>
+ NOTE: https://github.com/MusicPlayerDaemon/MPD/issues/2483
+ NOTE: Fixed by: https://github.com/MusicPlayerDaemon/MPD/commit/855085b35c67dddeef0652e2cb3ac8cdd4f457b7 (v0.24.11)
CVE-2026-49129 (Music Player Daemon (MPD) before version 0.24.11 contains a server-sid ...)
- TODO: check
+ - mpd <unfixed>
+ NOTE: https://github.com/MusicPlayerDaemon/MPD/issues/2487
+ NOTE: Fixed by: https://github.com/MusicPlayerDaemon/MPD/commit/78341dd6c7b101c3feede233d4cc4f8f1fcc4bb3 (v0.24.11)
CVE-2026-49128 (Music Player Daemon (MPD) before version 0.24.11 contains a path trave ...)
- TODO: check
+ - mpd <unfixed>
+ NOTE: https://github.com/MusicPlayerDaemon/MPD/issues/2484
+ NOTE: Fixed by: https://github.com/MusicPlayerDaemon/MPD/commit/0b5315b9e5a42cb0e88bf46a7579bb5641543f60 (v0.24.11)
CVE-2026-49127 (Music Player Daemon (MPD) before version 0.24.11 contains a stack buff ...)
- TODO: check
+ - mpd <unfixed>
+ NOTE: https://github.com/MusicPlayerDaemon/MPD/issues/2485
+ NOTE: Fixed by: https://github.com/MusicPlayerDaemon/MPD/commit/59911028c020f84bc2e669da6a1ef88121301274 (v0.24.11)
CVE-2026-49095 (Improper Input Validation (CWE-20) in the Kibana Fleet agent policy ma ...)
TODO: check
CVE-2026-49094 (Uncontrolled Resource Consumption (CWE-400) in Kibana can lead to deni ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee180482b8d0c88473880549a8510f96aecde4e8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee180482b8d0c88473880549a8510f96aecde4e8
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260529/4cea2495/attachment.htm>
More information about the debian-security-tracker-commits
mailing list