Abhijith PA pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
36d38a8b by Abhijith PA at 2022-10-30T14:11:00+05:30
Mark CVE-2022-24724 as not-affected for buster and bulleye.
ghostwriter don't embed cmark-gfm in those releases.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -55492,7 +55492,8 @@ CVE-2022-24725 (Shescape is a shell escape package for
JavaScript. An issue in v
CVE-2022-24724 (cmark-gfm is GitHub's extended version of the C reference
implementati ...)
- cmark-gfm 0.29.0.gfm.3-3 (bug #1006756)
- ghostwriter <unfixed> (bug #1006757)
- [bullseye] - ghostwriter <no-dsa> (Minor issue)
+ [bullseye] - ghostwriter <not-affected> (Vulnerable code not present)
+ [buster] - ghostwriter <not-affected> (Vulnerable code not present)
- python-cmarkgfm 0.7.0-1 (bug #1006758)
- ruby-commonmarker <unfixed> (bug #1006759)
- r-cran-commonmark 1.8.0-1 (bug #1006760)
=====================================
data/dla-needed.txt
=====================================
@@ -49,9 +49,6 @@ fwupd
gerbv
NOTE: 20220923: Programming language: C.
--
-ghostwriter (Abhijith PA)
- NOTE: 20221009: Programming language: C.
---
golang-1.11
NOTE: 20220916: Programming language: Go.
NOTE: 20220916: Special attention: limited support; requires rebuilding
reverse build dependencies (though recent bullseye updates didn't)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36d38a8b902703442385a481f13e9b2ffb9a2b82
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36d38a8b902703442385a481f13e9b2ffb9a2b82
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
