[Git][security-tracker-team/security-tracker][master] Mark JSON::XS related CVEs as no-dsa
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Sep 8 16:50:54 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b7bda88d by Salvatore Bonaccorso at 2025-09-08T17:48:26+02:00
Mark JSON::XS related CVEs as no-dsa
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2,10 +2,14 @@ CVE-2025-40930
NOT-FOR-US: JSON::SIMD Perl module
CVE-2025-40929
- libcpanel-json-xs-perl <unfixed>
+ [trixie] - libcpanel-json-xs-perl <no-dsa> (Minor issue)
+ [bookworm] - libcpanel-json-xs-perl <no-dsa> (Minor issue)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/32608920/
NOTE: Fixed by: https://github.com/rurban/Cpanel-JSON-XS/commit/378236219eaa35742c3962ecbdee364903b0a1f2 (4.40)
CVE-2025-40928
- libjson-xs-perl <unfixed>
+ [trixie] - libjson-xs-perl <no-dsa> (Minor issue)
+ [bookworm] - libjson-xs-perl <no-dsa> (Minor issue)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/32608909/
NOTE: https://security.metacpan.org/patches/J/JSON-XS/4.03/CVE-2025-40928-r1.patch
CVE-2025-58782
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7bda88d42cf79f80bc9f5fe6e0ab851a2d6d30b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7bda88d42cf79f80bc9f5fe6e0ab851a2d6d30b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250908/9580c626/attachment.htm>
More information about the debian-security-tracker-commits
mailing list