[Git][security-tracker-team/security-tracker][master] Reserve DLA-3224-1 for http-parser

Mon Dec 5 13:01:32 GMT 2022


Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker


Commits:
60113425 by Utkarsh Gupta at 2022-12-05T18:31:13+05:30
Reserve DLA-3224-1 for http-parser

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -205009,7 +205009,6 @@ CVE-2020-8287 (Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow t
 	{DSA-4826-1}
 	- http-parser 2.9.4-5 (bug #1016690)
 	[bullseye] - http-parser 2.9.4-4+deb11u1
-	[buster] - http-parser <no-dsa> (Minor issue)
 	- nodejs 12.20.1~dfsg-1 (bug #979364)
 	[stretch] - nodejs <ignored> (Nodejs in stretch not covered by security support)
 	NOTE: https://nodejs.org/en/blog/release/v10.23.1/


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[05 Dec 2022] DLA-3224-1 http-parser - security update
+	{CVE-2020-8287}
+	[buster] - http-parser 2.8.1-1+deb10u3
 [05 Dec 2022] DLA-3223-1 giflib - security update
 	{CVE-2018-11490 CVE-2019-15133}
 	[buster] - giflib 5.1.4-3+deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -86,9 +86,6 @@ hsqldb (Markus Koschany)
   NOTE: 20221031: To be investigated further. A possible outcome is to ignore it.
   NOTE: 20221031: https://lists.debian.org/debian-lts/2022/10/msg00060.html.
 --
-http-parser (Utkarsh)
-  NOTE: 20221205: Programming language: C.
---
 imagemagick (Roberto C. Sánchez)
   NOTE: 20220904: Programming language: C.
   NOTE: 20220904: VCS: https://salsa.debian.org/lts-team/packages/imagemagick.git



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6011342551f626625be8d8f37949fabc50bd101a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6011342551f626625be8d8f37949fabc50bd101a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221205/0d45037c/attachment-0001.htm>
