[Git][security-tracker-team/security-tracker][master] 2 commits: Marked CVE-2022-39209 and CVE-2022-24724 as no-dsa for buster following the...

Sun, 01 Jan 2023 06:23:29 -0800 


Ola Lundqvist pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
33e39279 by Ola Lundqvist at 2023-01-01T15:18:44+01:00
Marked CVE-2022-39209 and CVE-2022-24724 as no-dsa for buster following the 
same line as other packages in the same CVEs.

- - - - -
264fbf07 by Ola Lundqvist at 2023-01-01T15:22:42+01:00
LTS: add smarty3 to dla-needed.txt

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -29139,6 +29139,7 @@ CVE-2022-39209 (cmark-gfm is GitHub's fork of cmark, a 
CommonMark parsing and re
        [buster] - python-cmarkgfm <no-dsa> (Minor issue)
        - ghostwriter 2.1.6+ds-1 (unimportant)
        - ruby-commonmarker <unfixed>
+       [buster] - ruby-commonmarker <no-dsa> (Minor issue)
        - r-cran-commonmark <unfixed>
        [bullseye] - r-cran-commonmark <no-dsa> (Minor issue)
        NOTE: 
https://github.com/github/cmark-gfm/security/advisories/GHSA-cgh3-p57x-9q7q
@@ -70508,6 +70509,7 @@ CVE-2022-24724 (cmark-gfm is GitHub's extended version 
of the C reference implem
        - python-cmarkgfm 0.7.0-1 (bug #1006758)
        [buster] - python-cmarkgfm <no-dsa> (Minor issue)
        - ruby-commonmarker <unfixed> (bug #1006759)
+       [buster] - ruby-commonmarker <no-dsa> (Minor issue)
        - r-cran-commonmark 1.8.0-1 (bug #1006760)
        [bullseye] - r-cran-commonmark <no-dsa> (Minor issue)
        [buster] - r-cran-commonmark <no-dsa> (Minor issue)


=====================================
data/dla-needed.txt
=====================================
@@ -297,6 +297,9 @@ samba
   NOTE: 20220904: Special attention: High popcon! Used in many servers.
   NOTE: 20220904: Many postponed or open CVE in general. (apo)
 --
+smarty3
+  NOTE: 20230101: Programming language: PHP.
+--
 snakeyaml
   NOTE: 20230101: Programming language: Java.
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a4dfbae29b5103a6316503da7e6a57cddadd363e...264fbf078c5ac21733a66331ab60ee5a3d72afe3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a4dfbae29b5103a6316503da7e6a57cddadd363e...264fbf078c5ac21733a66331ab60ee5a3d72afe3
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to