[Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Nov 3 13:38:56 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9525575f by Moritz Muehlenhoff at 2023-11-03T13:18:54+01:00
bullseye/bookworm triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -3657,6 +3657,8 @@ CVE-2023-5072 (Denial of Service in JSON-Java versions up to and including 2023
- libjson-java <unfixed> (bug #1053882)
- jenkins-json <unfixed> (bug #1053883)
- libjettison-java <unfixed> (bug #1053884)
+ [bookworm] - libjettison-java <no-dsa> (Minor issue)
+ [bullseye] - libjettison-java <no-dsa> (Minor issue)
NOTE: https://github.com/stleary/JSON-java/issues/758
NOTE: https://github.com/stleary/JSON-java/issues/771
NOTE: https://github.com/stleary/JSON-java/pull/772/
=====================================
data/dsa-needed.txt
=====================================
@@ -34,6 +34,8 @@ linux (carnil)
nbconvert/oldstable
Guilhem Moulin proposed an update ready for review
--
+netty
+--
nghttp2
--
nodejs
@@ -42,6 +44,7 @@ nodejs
nova/oldstable
--
openjdk-17 (jmm)
+ needs a fixed jtreg6, will also be release via the security archive
--
php-cas/oldstable
--
@@ -86,9 +89,7 @@ squid
--
tiff (aron)
--
-trafficserver
---
-wpewebkit/oldstable
+trafficserver (jmm)
--
xen (jmm)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9525575f4dcd17c5d0f4cde6e61a2a7ea4844779
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9525575f4dcd17c5d0f4cde6e61a2a7ea4844779
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231103/bbb484e1/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list