[Git][security-tracker-team/security-tracker][master] Remove crun listing from yajl issues as it has not security impact from embedded copy at all

Thu, 13 Jul 2023 08:21:43 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3a5708de by Salvatore Bonaccorso at 2023-07-13T17:18:43+02:00
Remove crun listing from yajl issues as it has not security impact from 
embedded copy at all

crun was using the system libyajl from the beginning of the packaging.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4576,8 +4576,6 @@ CVE-2023-33460 (There's a memory leak in yajl 2.1.0 with 
use of yajl_tree_parse
        NOTE: The original fix uploaded as 2.1.0-3.1 was incomplete.
        - burp <unfixed>
        [buster] - burp <postponed> (Minor issue; fix only after newer releases 
got a fix)
-       - crun <unfixed>
-       [buster] - crun <postponed> (Minor issue; fix only after newer releases 
got a fix)
        - epics-base <unfixed>
        [buster] - epics-base <postponed> (Minor issue; fix only after newer 
releases got a fix)
        - r-cran-jsonlite <unfixed>
@@ -106110,7 +106108,6 @@ CVE-2022-24795 (yajl-ruby is a C binding to the YAJL 
JSON parsing and generation
        [bookworm] - yajl <no-dsa> (Minor issue)
        [bullseye] - yajl <no-dsa> (Minor issue)
        - burp <unfixed> (bug #1040146)
-       - crun <unfixed> (bug #1040147)
        - epics-base <unfixed> (bug #1040159)
        - r-cran-jsonlite <unfixed> (bug #1040161)
        [bookworm] - r-cran-jsonlite <no-dsa> (Minor issue)
@@ -383870,7 +383867,6 @@ CVE-2017-16516 (In the yajl-ruby gem 1.3.0 for Ruby, 
when a crafted JSON file is
        [bookworm] - yajl <no-dsa> (Minor issue)
        [bullseye] - yajl <no-dsa> (Minor issue)
        - burp <unfixed> (bug #1040146)
-       - crun <unfixed> (bug #1040147)
        - epics-base <unfixed> (bug #1040159)
        - r-cran-jsonlite <unfixed> (bug #1040161)
        [bookworm] - r-cran-jsonlite <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a5708de36abc839edbac5e552caf7033a695ebc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a5708de36abc839edbac5e552caf7033a695ebc
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to