[Git][security-tracker-team/security-tracker][master] libgoogle-gson-java fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu May 12 16:03:05 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cd0c2c78 by Moritz Muehlenhoff at 2022-05-12T17:02:42+02:00
libgoogle-gson-java fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13155,7 +13155,7 @@ CVE-2022-25648 (The package git before 1.11.0 are vulnerable to Command Injectio
NOTE: Fixed by: https://github.com/ruby-git/ruby-git/commit/291ca0946bec7164b90ad5c572ac147f512c7159 (v1.11.0)
NOTE: https://security.snyk.io/vuln/SNYK-RUBY-GIT-2421270
CVE-2022-25647 (The package com.google.code.gson:gson before 2.8.9 are vulnerable to D ...)
- - libgoogle-gson-java <unfixed> (bug #1010670)
+ - libgoogle-gson-java 2.9.0-1 (bug #1010670)
NOTE: https://github.com/google/gson/pull/1991
NOTE: https://github.com/google/gson/commit/e6fae590cf2a758c47cd5a17f9bf3780ce62c986 (gson-parent-2.8.9)
NOTE: https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd0c2c781eac3dfbbfca9881a2b28f8a4ae3fcf5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd0c2c781eac3dfbbfca9881a2b28f8a4ae3fcf5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220512/364de8b4/attachment.htm>
More information about the debian-security-tracker-commits
mailing list