[Git][security-tracker-team/security-tracker][master] Mark CVE-2022-24724 as not-affected for buster and bulleye.

Abhijith PA (@abhijith) abhijith at debian.org
Sun Oct 30 08:41:41 GMT 2022 


Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker


Commits:
36d38a8b by Abhijith PA at 2022-10-30T14:11:00+05:30
Mark CVE-2022-24724 as not-affected for buster and bulleye.
ghostwriter don't embed cmark-gfm in those releases.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -55492,7 +55492,8 @@ CVE-2022-24725 (Shescape is a shell escape package for JavaScript. An issue in v
 CVE-2022-24724 (cmark-gfm is GitHub's extended version of the C reference implementati ...)
 	- cmark-gfm 0.29.0.gfm.3-3 (bug #1006756)
 	- ghostwriter <unfixed> (bug #1006757)
-	[bullseye] - ghostwriter <no-dsa> (Minor issue)
+	[bullseye] - ghostwriter <not-affected> (Vulnerable code not present)
+	[buster] - ghostwriter <not-affected> (Vulnerable code not present)
 	- python-cmarkgfm 0.7.0-1 (bug #1006758)
 	- ruby-commonmarker <unfixed> (bug #1006759)
 	- r-cran-commonmark 1.8.0-1 (bug #1006760)


=====================================
data/dla-needed.txt
=====================================
@@ -49,9 +49,6 @@ fwupd
 gerbv
   NOTE: 20220923: Programming language: C.
 --
-ghostwriter (Abhijith PA)
-  NOTE: 20221009: Programming language: C.
---
 golang-1.11
   NOTE: 20220916: Programming language: Go.
   NOTE: 20220916: Special attention: limited support; requires rebuilding reverse build dependencies (though recent bullseye updates didn't)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36d38a8b902703442385a481f13e9b2ffb9a2b82

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36d38a8b902703442385a481f13e9b2ffb9a2b82
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221030/9244227d/attachment.htm>

More information about the debian-security-tracker-commits mailing list