Sebastien Delafond pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f44277be by Sébastien Delafond at 2022-03-22T12:00:25+01:00
Updates for twig vs. php-twig source package
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -11671,6 +11671,7 @@ CVE-2022-23615 (XWiki Platform is a generic wiki
platform offering runtime servi
NOT-FOR-US: XWiki
CVE-2022-23614 (Twig is an open source template language for PHP. When in a
sandbox mo ...)
- php-twig 3.3.8-1
+ - twig <removed>
NOTE:
https://github.com/twigphp/Twig/security/advisories/GHSA-5mv2-rx3q-4w2v
NOTE: https://github.com/twigphp/Twig/pull/3641
NOTE:
https://github.com/twigphp/Twig/commit/2eb33080558611201b55079d07ac88f207b466d5
(v3.3.8)
=====================================
data/dsa-needed.txt
=====================================
@@ -44,7 +44,7 @@ trafficserver (jmm)
--
twig/oldstable
--
-twig (seb)
+php-twig/stable (seb)
2022-03-21: update proposed by David Prévot for CVE-2022-23614
--
unzip
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f44277beff5add62f5ff59b8265d0b333901c596
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f44277beff5add62f5ff59b8265d0b333901c596
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
