Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8055f9ac by Chris Lamb at 2023-03-29T00:35:56+01:00
Triage CVE-2023-27586 in cairosvg for buster LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4350,6 +4350,7 @@ CVE-2023-27587 (ReadtoMyShoe, a web app that lets users
upload articles and list
NOT-FOR-US: ReadtoMyShoe
CVE-2023-27586 (CairoSVG is an SVG converter based on Cairo, a 2D graphics
library. Pr ...)
- cairosvg 2.5.2-1.1 (bug #1033295)
+ [buster] - cairosvg <no-dsa> (Minor issue; fix would require
backporting entire --unsafe mechanism)
NOTE:
https://github.com/Kozea/CairoSVG/commit/12d31c653c0254fa9d9853f66b04ea46e7397255
(2.7.0)
NOTE:
https://github.com/Kozea/CairoSVG/security/advisories/GHSA-rwmf-w63j-p7gv
NOTE: Introduced in
https://github.com/Kozea/CairoSVG/commit/1ee0889f4015ebaddcf9976d43222e673155797c
(0.3)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8055f9acfaeea332aa9dd1ccda86e706fe65fc80
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8055f9acfaeea332aa9dd1ccda86e706fe65fc80
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
