[Git][security-tracker-team/security-tracker][master] 3 commits: add yajl

Thorsten Alteholz (@alteholz) alteholz at debian.org
Sun Jul 2 23:07:58 BST 2023 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fcb78095 by Thorsten Alteholz at 2023-07-03T00:07:40+02:00
add yajl

- - - - -
fd0c9bcc by Thorsten Alteholz at 2023-07-03T00:07:41+02:00
mark CVE-2023-2861 as no-dsa for Buster

- - - - -
430ae682 by Thorsten Alteholz at 2023-07-03T00:07:42+02:00
mark CVE-2023-3354 as no-dsa for Buster

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -445,6 +445,7 @@ CVE-2023-3354 [VNC: improper I/O watch removal in TLS handshake can lead to remo
 	- qemu <unfixed>
 	[bookworm] - qemu <no-dsa> (Minor issue)
 	[bullseye] - qemu <no-dsa> (Minor issue)
+	[buster] - qemu <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2216478
 	TODO: check, no details in RHBZ#2216478 on upstream status
 CVE-2023-3432 (Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plant ...)
@@ -497,6 +498,7 @@ CVE-2023-2996 (The Jetpack WordPress plugin before 12.1.1 does not validate uplo
 	NOT-FOR-US: WordPress plugin
 CVE-2023-2861 [9pfs: prevent opening special files]
 	- qemu <unfixed>
+	[buster] - qemu <no-dsa> (Minor issue)
 	NOTE: https://gitlab.com/qemu-project/qemu/-/commit/f6b0de53fb87ddefed348a39284c8e2f28dc4eda
 CVE-2023-2860 [ipv6: sr: fix out-of-bounds read when setting HMAC data.]
 	- linux 5.19.11-1


=====================================
data/dla-needed.txt
=====================================
@@ -263,3 +263,6 @@ webkit2gtk (Emilio)
   NOTE: 20230606: https://lists.debian.org/debian-lts/2023/06/msg00005.html (pochu)
   NOTE: 20230627: will likely hold the update and mark as not-supported due to feedback (pochu)
 --
+yajl (tobi)
+  NOTE: 20230702: Added by Front-Desk (ta)
+--



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ab48cb7e37aa9475bb69485eab889d5f8f70bb5d...430ae6821506cd4290eacaa2d66eb4b328c866e2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ab48cb7e37aa9475bb69485eab889d5f8f70bb5d...430ae6821506cd4290eacaa2d66eb4b328c866e2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230702/f0d10d69/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list