[Git][security-tracker-team/security-tracker][master] Add tracking for rustc for CVE-2026-522{2,3}

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri May 29 05:39:51 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e4f539c7 by Salvatore Bonaccorso at 2026-05-29T06:39:10+02:00
Add tracking for rustc for CVE-2026-522{2,3}

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4251,6 +4251,7 @@ CVE-2026-7766 (Kenik Camera management Panel is vulnerable to Path Traversal vul
 CVE-2026-5223 (Cargo incorrectly handled symlinks inside of crate tarballs downloaded ...)
 	- cargo <removed>
 	- rust-cargo <unfixed>
+	- rustc 1.95.0+dfsg1-2
 	NOTE: https://groups.google.com/g/rustlang-security-announcements/c/IB74S7Yksg8
 	NOTE: https://blog.rust-lang.org/2026/05/25/cve-2026-5223/
 	NOTE: https://github.com/rust-lang/cargo/commit/285cebf58911eca5b7f177f5d0b1c53e1f646577
@@ -4258,6 +4259,7 @@ CVE-2026-5223 (Cargo incorrectly handled symlinks inside of crate tarballs downl
 CVE-2026-5222 (Cargo between 1.68 and 1.96 incorrectly normalized the URLs of third-p ...)
 	- cargo <removed>
 	- rust-cargo <unfixed>
+	- rustc 1.95.0+dfsg1-2
 	NOTE: https://groups.google.com/g/rustlang-security-announcements/c/SfUxOiIdY5s
 	NOTE: https://blog.rust-lang.org/2026/05/25/cve-2026-5222/
 	NOTE: https://github.com/rust-lang/cargo/commit/c4d63a44234de22dc745231c416b80ed848d997f



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4f539c7b84deb6bdad3a1ad3805bdc7070aea9c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4f539c7b84deb6bdad3a1ad3805bdc7070aea9c
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260529/a77a27bc/attachment.htm>

More information about the debian-security-tracker-commits mailing list