Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
77da459c by Salvatore Bonaccorso at 2026-07-07T07:55:21+02:00
Track fixed version for some ujson issues fixed via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11182,7 +11182,7 @@ CVE-2026-55599 (phpseclib is a PHP secure
communications library. From 0.1.1 unt
CVE-2026-55409 (Filament is a collection of full-stack components for
accelerated Lara ...)
NOT-FOR-US: Filament
CVE-2026-54911 (UltraJSON is a fast JSON encoder and decoder written in pure C
with bi ...)
- - ujson <unfixed> (bug #1140630)
+ - ujson 5.13.0-1 (bug #1140630)
NOTE:
https://github.com/ultrajson/ultrajson/security/advisories/GHSA-3j69-69wj-xqx2
NOTE:
https://github.com/ultrajson/ultrajson/commit/169eaf36b1116fece5034ee79a7a0ef3f6deedcf
(5.13.0)
CVE-2026-54651 (pypdf is a free and open-source pure-python PDF library. Prior
to 6.13 ...)
@@ -28431,7 +28431,7 @@ CVE-2026-44681 (Authlib is a Python library which
builds OAuth and OpenID Connec
- python-authlib 1.7.2-1
NOTE:
https://github.com/authlib/authlib/security/advisories/GHSA-r95x-qfjj-fjj2
CVE-2026-44660 (UltraJSON is a fast JSON encoder and decoder written in pure C
with bi ...)
- - ujson <unfixed> (bug #1138258)
+ - ujson 5.13.0-1 (bug #1138258)
[bullseye] - ujson <postponed> (Minor issue)
NOTE:
https://github.com/ultrajson/ultrajson/security/advisories/GHSA-c38f-wx89-p2xg
NOTE: Fixed by:
https://github.com/ultrajson/ultrajson/commit/82af1d0ac01d09aa40c887b460d44b9d9f4bccd9
(5.12.1)
@@ -70950,13 +70950,13 @@ CVE-2026-32881 (ewe is a Gleam web server. ewe is a
Gleam web server. Versions 0
CVE-2026-32880 (ChurchCRM is an open-source church management system. Versions
prior t ...)
NOT-FOR-US: ChurchCRM
CVE-2026-32875 (UltraJSON is a fast JSON encoder and decoder written in pure C
with bi ...)
- - ujson <unfixed> (bug #1131485)
+ - ujson 5.13.0-1 (bug #1131485)
[bullseye] - ujson <postponed> (Minor issue; DoS)
NOTE:
https://github.com/ultrajson/ultrajson/security/advisories/GHSA-c8rr-9gxc-jprv
NOTE: https://github.com/ultrajson/ultrajson/issues/700
NOTE: Fixed by:
https://github.com/ultrajson/ultrajson/commit/486bd4553dc471a1de11613bc7347a6b318e37ea
(5.12.0)
CVE-2026-32874 (UltraJSON is a fast JSON encoder and decoder written in pure C
with bi ...)
- - ujson <unfixed> (bug #1131486)
+ - ujson 5.13.0-1 (bug #1131486)
[bullseye] - ujson <postponed> (Minor issue; DoS)
NOTE:
https://github.com/ultrajson/ultrajson/security/advisories/GHSA-wgvc-ghv9-3pmm
NOTE: Fixed by:
https://github.com/ultrajson/ultrajson/commit/4baeb950df780092bd3c89fc702a868e99a3a1d2
(5.12.0)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77da459c31e2290af9ec3336fb02ae0bdaedb034
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77da459c31e2290af9ec3336fb02ae0bdaedb034
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits