[Git][security-tracker-team/security-tracker][master] Demote CVE-2020-36325/jansson to unimportant
Salvatore Bonaccorso
carnil at debian.org
Wed Apr 28 05:25:23 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
76a4edf3 by Salvatore Bonaccorso at 2021-04-28T06:07:46+02:00
Demote CVE-2020-36325/jansson to unimportant
Upstream, repsctively in the upstream issue, it was outlined that this
does not seem to be a valid security issue.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -95,9 +95,9 @@ CVE-2021-31806
CVE-2021-31805
RESERVED
CVE-2020-36325 (An issue was discovered in Jansson through 2.13.1. Due to a parsing er ...)
- - jansson <unfixed>
- [buster] - jansson <no-dsa> (Minor issue)
+ - jansson <unfixed> (unimportant)
NOTE: https://github.com/akheron/jansson/issues/548
+ NOTE: Disputed security impact between reporter and upstream
CVE-2021-31826 (Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointe ...)
{DSA-4905-1}
- shibboleth-sp <unfixed> (bug #987608)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76a4edf30c1a888c314df773bb5ab98f006ec6de
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76a4edf30c1a888c314df773bb5ab98f006ec6de
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210428/eb499188/attachment.htm>
More information about the debian-security-tracker-commits
mailing list