[Git][security-tracker-team/security-tracker][master] Drop notes from CVE-2022-41852 (withdrawn)

Mon Nov 21 20:43:20 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
14e234f2 by Salvatore Bonaccorso at 2022-11-21T21:42:37+01:00
Drop notes from CVE-2022-41852 (withdrawn)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13191,13 +13191,6 @@ CVE-2022-41853 (Those using java.sql.Statement or java.sql.PreparedStatement in
 	NOTE: https://sourceforge.net/p/hsqldb/svn/6614/
 CVE-2022-41852
 	REJECTED
-	- libcommons-jxpath-java <unfixed> (unimportant)
-	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47133
-	NOTE: https://github.com/apache/commons-jxpath/pull/25
-	NOTE: https://github.com/apache/commons-jxpath/pull/26
-	NOTE: https://github.com/apache/commons-jxpath/pull/26#issuecomment-1307567283
-	NOTE: JEXL is NOT expected to safely handle untrusted input, not considered a
-	NOTE: vulnerability by upstream
 CVE-2022-41851 (A vulnerability has been identified in JTTK (All versions < V11.1.1 ...)
 	NOT-FOR-US: JTTK
 CVE-2022-41836 (When an 'Attack Signature False Positive Mode' enabled security policy ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14e234f2b74aebd7165c241bfa4000cca7720842

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14e234f2b74aebd7165c241bfa4000cca7720842
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221121/4f09c179/attachment.htm>
