[Git][security-tracker-team/security-tracker][master] mujs DSA
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Nov 28 19:30:05 GMT 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e39f9250 by Moritz Mühlenhoff at 2022-11-28T20:29:41+01:00
mujs DSA
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -43324,13 +43324,11 @@ CVE-2022-30976 (GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf
NOTE: to not open that issue.
CVE-2022-30975 (In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL p ...)
- mujs 1.2.0-3
- [bullseye] - mujs <no-dsa> (Minor issue)
NOTE: https://github.com/ccxvii/mujs/issues/161
NOTE: https://github.com/ccxvii/mujs/commit/910acc807c3c057e1c0726160808f3a9f37b40ec
NOTE: https://github.com/ccxvii/mujs/commit/f5b3c703e18725e380b83427004632e744f85a6f
CVE-2022-30974 (compile in regexp.c in Artifex MuJS through 1.2.0 results in stack con ...)
- mujs 1.2.0-3
- [bullseye] - mujs <no-dsa> (Minor issue)
NOTE: https://github.com/ccxvii/mujs/issues/162
NOTE: https://github.com/ccxvii/mujs/commit/160ae29578054dc09fd91e5401ef040d52797e61
NOTE: https://github.com/ccxvii/mujs/commit/799b62bf065b006e2bcb1c80044eab2b10412ecf
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[28 Nov 2022] DSA-5291-1 mujs - security update
+ {CVE-2022-30974 CVE-2022-30975 CVE-2022-44789}
+ [bullseye] - mujs 1.1.0-1+deb11u2
[28 Nov 2022] DSA-5290-1 commons-configuration2 - security update
{CVE-2022-33980}
[bullseye] - commons-configuration2 2.8.0-1~deb11u1
=====================================
data/dsa-needed.txt
=====================================
@@ -29,8 +29,6 @@ netatalk
--
nodejs
--
-mujs (jmm)
---
multipath-tools
--
openexr
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e39f9250feb26647c88fada2ce951e0f12d098b7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e39f9250feb26647c88fada2ce951e0f12d098b7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221128/d93f39eb/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list