[Git][security-tracker-team/security-tracker][master] 2 commits: LTS: add pypdf2

Anton Gladky (@gladk) gladk at debian.org
Wed Jul 5 05:59:53 BST 2023 


Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8bf22648 by Anton Gladky at 2023-07-05T06:59:05+02:00
LTS: add pypdf2

- - - - -
544d1f55 by Anton Gladky at 2023-07-05T06:59:39+02:00
Mark ruby-yajl as no-dsa for buster

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -3010,6 +3010,7 @@ CVE-2023-33460 (There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse
 	- ruby-yajl <unfixed>
 	[bookworm] - ruby-yajl <no-dsa> (Minor issue)
 	[bullseye] - ruby-yajl <no-dsa> (Minor issue)
+	[buster] - ruby-yajl <no-dsa> (Minor issue)
 CVE-2023-33457 (In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , ...)
 	NOT-FOR-US: Sogou Workflow
 CVE-2023-33381 (A command injection vulnerability was found in the ping functionality  ...)


=====================================
data/dla-needed.txt
=====================================
@@ -173,6 +173,9 @@ php-dompdf
   NOTE: 20230618: Added by Front-Desk (opal)
   NOTE: 20230618: Low priority but higher than to not fix it.
 --
+pypdf2
+  NOTE: 20230705: Added by Front-Desk (gladk)
+--
 python-glance-store (jspricke)
   NOTE: 20230525: Added by Front-Desk (lamby)
   NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store, python-os-brick, nova and cinder.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6870f195eca3236b18912c607f24f0f89da9dba9...544d1f55ffdf81d721dc6b756d6a122d5b70def0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6870f195eca3236b18912c607f24f0f89da9dba9...544d1f55ffdf81d721dc6b756d6a122d5b70def0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230705/41a139cd/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list