[Git][security-tracker-team/security-tracker][master] 2 commits: Marked CVE-2022-39209 and CVE-2022-24724 as no-dsa for buster following the...

Ola Lundqvist (@opal) opal at debian.org
Sun Jan 1 14:23:20 GMT 2023 


Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker


Commits:
33e39279 by Ola Lundqvist at 2023-01-01T15:18:44+01:00
Marked CVE-2022-39209 and CVE-2022-24724 as no-dsa for buster following the same line as other packages in the same CVEs.

- - - - -
264fbf07 by Ola Lundqvist at 2023-01-01T15:22:42+01:00
LTS: add smarty3 to dla-needed.txt

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -29139,6 +29139,7 @@ CVE-2022-39209 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and re
 	[buster] - python-cmarkgfm <no-dsa> (Minor issue)
 	- ghostwriter 2.1.6+ds-1 (unimportant)
 	- ruby-commonmarker <unfixed>
+	[buster] - ruby-commonmarker <no-dsa> (Minor issue)
 	- r-cran-commonmark <unfixed>
 	[bullseye] - r-cran-commonmark <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-cgh3-p57x-9q7q
@@ -70508,6 +70509,7 @@ CVE-2022-24724 (cmark-gfm is GitHub's extended version of the C reference implem
 	- python-cmarkgfm 0.7.0-1 (bug #1006758)
 	[buster] - python-cmarkgfm <no-dsa> (Minor issue)
 	- ruby-commonmarker <unfixed> (bug #1006759)
+	[buster] - ruby-commonmarker <no-dsa> (Minor issue)
 	- r-cran-commonmark 1.8.0-1 (bug #1006760)
 	[bullseye] - r-cran-commonmark <no-dsa> (Minor issue)
 	[buster] - r-cran-commonmark <no-dsa> (Minor issue)


=====================================
data/dla-needed.txt
=====================================
@@ -297,6 +297,9 @@ samba
   NOTE: 20220904: Special attention: High popcon! Used in many servers.
   NOTE: 20220904: Many postponed or open CVE in general. (apo)
 --
+smarty3
+  NOTE: 20230101: Programming language: PHP.
+--
 snakeyaml
   NOTE: 20230101: Programming language: Java.
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a4dfbae29b5103a6316503da7e6a57cddadd363e...264fbf078c5ac21733a66331ab60ee5a3d72afe3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a4dfbae29b5103a6316503da7e6a57cddadd363e...264fbf078c5ac21733a66331ab60ee5a3d72afe3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230101/b3d881ab/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list