[Git][security-tracker-team/security-tracker][master] Updates for twig vs. php-twig source package
Sebastien Delafond (@seb)
seb at debian.org
Tue Mar 22 11:01:20 GMT 2022
Sebastien Delafond pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f44277be by Sébastien Delafond at 2022-03-22T12:00:25+01:00
Updates for twig vs. php-twig source package
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -11671,6 +11671,7 @@ CVE-2022-23615 (XWiki Platform is a generic wiki platform offering runtime servi
NOT-FOR-US: XWiki
CVE-2022-23614 (Twig is an open source template language for PHP. When in a sandbox mo ...)
- php-twig 3.3.8-1
+ - twig <removed>
NOTE: https://github.com/twigphp/Twig/security/advisories/GHSA-5mv2-rx3q-4w2v
NOTE: https://github.com/twigphp/Twig/pull/3641
NOTE: https://github.com/twigphp/Twig/commit/2eb33080558611201b55079d07ac88f207b466d5 (v3.3.8)
=====================================
data/dsa-needed.txt
=====================================
@@ -44,7 +44,7 @@ trafficserver (jmm)
--
twig/oldstable
--
-twig (seb)
+php-twig/stable (seb)
2022-03-21: update proposed by David Prévot for CVE-2022-23614
--
unzip
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f44277beff5add62f5ff59b8265d0b333901c596
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f44277beff5add62f5ff59b8265d0b333901c596
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220322/25913809/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list