[Git][security-tracker-team/security-tracker][master] Fix source package name for CVE-2023-33460/ruby-yajl

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jul 11 20:46:22 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fc394b8e by Salvatore Bonaccorso at 2023-07-11T21:45:15+02:00
Fix source package name for CVE-2023-33460/ruby-yajl

When cleaning up the entry in commit 9d945fe11095 I typoed yajl -> yail
causing the problem.

Fixes: 9d945fe11095 ("Update CVE-2023-33460 information for ruby-yajl")

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3766,8 +3766,8 @@ CVE-2023-33460 (There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse
 	[bookworm] - r-cran-jsonlite <no-dsa> (Minor issue)
 	[bullseye] - r-cran-jsonlite <no-dsa> (Minor issue)
 	[buster] - r-cran-jsonlite <postponed> (Minor issue; fix only after newer releases got a fix)
-	- ruby-yail <not-affected> (Vulnerable code not present; embeds not-affected old yajl version)
-	NOTE: ruby-yail embeds yajl version 1.0.12 (https://github.com/brianmario/yajl-ruby/blob/master/ext/yajl/api/yajl_version.h)
+	- ruby-yajl <not-affected> (Vulnerable code not present; embeds not-affected old yajl version)
+	NOTE: ruby-yajl embeds yajl version 1.0.12 (https://github.com/brianmario/yajl-ruby/blob/master/ext/yajl/api/yajl_version.h)
 CVE-2023-33457 (In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , ...)
 	NOT-FOR-US: Sogou Workflow
 CVE-2023-33381 (A command injection vulnerability was found in the ping functionality  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc394b8eeca2e27ca068e50423925cf83f06f277

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc394b8eeca2e27ca068e50423925cf83f06f277
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230711/7cd89c4c/attachment.htm>

More information about the debian-security-tracker-commits mailing list