[Git][security-tracker-team/security-tracker][master] Reserve DLA-3478-1 for yajl
Tobias Frost (@tobi)
tobi at debian.org
Sun Jul 2 12:08:15 BST 2023
Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4da854d9 by Tobias Frost at 2023-07-02T13:07:45+02:00
Reserve DLA-3478-1 for yajl
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2801,7 +2801,6 @@ CVE-2023-33460 (There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse
- yajl 2.1.0-3.1 (bug #1039984)
[bookworm] - yajl <no-dsa> (Minor issue)
[bullseye] - yajl <no-dsa> (Minor issue)
- [buster] - yajl <postponed> (Minor issue)
NOTE: https://github.com/lloyd/yajl/issues/250
- burp <unfixed>
[buster] - burp <postponed> (Minor issue; fix only after newer releases got a fix)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[02 Jul 2023] DLA-3478-1 yajl - security update
+ {CVE-2023-33460}
+ [buster] - yajl 2.1.0-2+deb10u1
[30 Jun 2023] DLA-3477-1 python3.7 - security update
{CVE-2015-20107 CVE-2020-10735 CVE-2021-3426 CVE-2021-3733 CVE-2021-3737 CVE-2021-4189 CVE-2022-45061}
[buster] - python3.7 3.7.3-2+deb10u5
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4da854d9d9c5e4e9b297a0c9c3503b3f24dbc276
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4da854d9d9c5e4e9b297a0c9c3503b3f24dbc276
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230702/efe5edfd/attachment.htm>
More information about the debian-security-tracker-commits
mailing list