Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: fede245d by Salvatore Bonaccorso at 2023-07-02T20:47:14+02:00 Remove some source package listings for yajl issues Link: https://salsa.debian.org/security-tracker-team/security-tracker/commit/230e1c66b5df3f8c29e672b74bd7dc66274d7e24 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -2815,10 +2815,6 @@ CVE-2023-33460 (There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse - ruby-yajl <unfixed> [bookworm] - ruby-yajl <no-dsa> (Minor issue) [bullseye] - ruby-yajl <no-dsa> (Minor issue) - - argyll <unfixed> (bug #1040151) - - collada2gltf <unfixed> (bug #1040153) - - lnav <unfixed> - - r-cran-jsonlite <unfixed> CVE-2023-33457 (In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , ...) NOT-FOR-US: Sogou Workflow CVE-2023-33381 (A command injection vulnerability was found in the ping functionality ...) @@ -104252,12 +104248,8 @@ CVE-2022-24795 (yajl-ruby is a C binding to the YAJL JSON parsing and generation - yajl <unfixed> (bug #1040036) - burp <unfixed> (bug #1040146) - crun <unfixed> (bug #1040147) - - argyll <unfixed> (bug #1040150) - - collada2gltf <unfixed> (bug #1040153) - epics-base <unfixed> (bug #1040159) - - lnav <unfixed> (bug #1040160) - r-cran-jsonlite <unfixed> (bug #1040161) - - whitedb 0.7.3+git211004+dfsg-1 - xqilla <unfixed> (bug #1040164) NOTE: https://github.com/brianmario/yajl-ruby/security/advisories/GHSA-jj47-x69x-mxrm NOTE: https://github.com/brianmario/yajl-ruby/commit/7168bd79b888900aa94523301126f968a93eb3a6 @@ -381987,12 +381979,8 @@ CVE-2017-16516 (In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is - yajl <unfixed> (bug #1040036) - burp <unfixed> (bug #1040146) - crun <unfixed> (bug #1040147) - - argyll <unfixed> (bug #1040150) - - collada2gltf <unfixed> (bug #1040153) - epics-base <unfixed> (bug #1040159) - - lnav <unfixed> (bug #1040160) - r-cran-jsonlite <unfixed> (bug #1040161) - - whitedb 0.7.3+git211004+dfsg-1 - xqilla <unfixed> (bug #1040164) NOTE: https://github.com/brianmario/yajl-ruby/issues/176 NOTE: https://github.com/brianmario/yajl-ruby/commit/a8ca8f476655adaa187eedc60bdc770fff3c51ce View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fede245ded53d2bea1e7e75db94e193df3a7ce1a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fede245ded53d2bea1e7e75db94e193df3a7ce1a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
