[Git][security-tracker-team/security-tracker][master] 3 commits: add yajl

Sun, 02 Jul 2023 15:08:06 -0700 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fcb78095 by Thorsten Alteholz at 2023-07-03T00:07:40+02:00
add yajl

- - - - -
fd0c9bcc by Thorsten Alteholz at 2023-07-03T00:07:41+02:00
mark CVE-2023-2861 as no-dsa for Buster

- - - - -
430ae682 by Thorsten Alteholz at 2023-07-03T00:07:42+02:00
mark CVE-2023-3354 as no-dsa for Buster

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -445,6 +445,7 @@ CVE-2023-3354 [VNC: improper I/O watch removal in TLS 
handshake can lead to remo
        - qemu <unfixed>
        [bookworm] - qemu <no-dsa> (Minor issue)
        [bullseye] - qemu <no-dsa> (Minor issue)
+       [buster] - qemu <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2216478
        TODO: check, no details in RHBZ#2216478 on upstream status
 CVE-2023-3432 (Server-Side Request Forgery (SSRF) in GitHub repository 
plantuml/plant ...)
@@ -497,6 +498,7 @@ CVE-2023-2996 (The Jetpack WordPress plugin before 12.1.1 
does not validate uplo
        NOT-FOR-US: WordPress plugin
 CVE-2023-2861 [9pfs: prevent opening special files]
        - qemu <unfixed>
+       [buster] - qemu <no-dsa> (Minor issue)
        NOTE: 
https://gitlab.com/qemu-project/qemu/-/commit/f6b0de53fb87ddefed348a39284c8e2f28dc4eda
 CVE-2023-2860 [ipv6: sr: fix out-of-bounds read when setting HMAC data.]
        - linux 5.19.11-1


=====================================
data/dla-needed.txt
=====================================
@@ -263,3 +263,6 @@ webkit2gtk (Emilio)
   NOTE: 20230606: https://lists.debian.org/debian-lts/2023/06/msg00005.html 
(pochu)
   NOTE: 20230627: will likely hold the update and mark as not-supported due to 
feedback (pochu)
 --
+yajl (tobi)
+  NOTE: 20230702: Added by Front-Desk (ta)
+--



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ab48cb7e37aa9475bb69485eab889d5f8f70bb5d...430ae6821506cd4290eacaa2d66eb4b328c866e2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ab48cb7e37aa9475bb69485eab889d5f8f70bb5d...430ae6821506cd4290eacaa2d66eb4b328c866e2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to