[Git][security-tracker-team/security-tracker][master] Reserve DLA-4393-1 for mako

Tue, 02 Dec 2025 20:02:56 -0800 


Utkarsh Gupta pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9ea1228d by Utkarsh Gupta at 2025-12-03T09:32:28+05:30
Reserve DLA-4393-1 for mako

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -302375,7 +302375,6 @@ CVE-2022-40024
 CVE-2022-40023 (Sqlalchemy mako before 1.2.2 is vulnerable to Regular 
expression Denia ...)
        {DLA-3116-1}
        - mako 1.2.2+ds1-1
-       [bullseye] - mako <no-dsa> (Minor issue)
        NOTE: 
https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c
 (rel_1_2_2)
        NOTE: https://github.com/sqlalchemy/mako/issues/366
 CVE-2022-40022 (Microchip Technology (Microsemi) SyncServer S650 was 
discovered to con ...)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[03 Dec 2025] DLA-4393-1 mako - security update
+       {CVE-2022-40023}
+       [bullseye] - mako 1.1.3+ds1-2+deb11u1
 [01 Dec 2025] DLA-4392-1 mistral-dashboard - security update
        {CVE-2021-4472}
        [bullseye] - mistral-dashboard 11.0.0-2+deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -234,10 +234,6 @@ libxslt
 linux (Ben Hutchings)
   NOTE: 20230111: Perma-added, Linux package specifically delegated to bwh 
(LTS Team)
 --
-mako (Utkarsh)
-  NOTE: 20251117: Added by Front-Desk (lamby)
-  NOTE: 20251117: To address CVE-2022-40023, fixed in both buster and 
bookworm. (lamby)
---
 mbedtls
   NOTE: 20251102: Added by Front-Desk (apo)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ea1228de8b924c370c2e6ef3f2f664fad4b34ec

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ea1228de8b924c370c2e6ef3f2f664fad4b34ec
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to