Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: cf39b23b by Sylvain Beucler at 2023-04-03T17:33:43+02:00 CVE-2023-1436/libjettison-java: buster postponed - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -2263,6 +2263,7 @@ CVE-2023-1437 CVE-2023-1436 (An infinite recursion is triggered in Jettison when constructing a JSO ...) - libjettison-java <unfixed> (bug #1033846) [bullseye] - libjettison-java <no-dsa> (Minor issue) + [buster] - libjettison-java <postponed> (Minor issue, DoS) NOTE: https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/ NOTE: https://github.com/jettison-json/jettison/issues/60 NOTE: https://github.com/jettison-json/jettison/pull/62 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf39b23bffdda80de1f64030e9c786958c88764c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf39b23bffdda80de1f64030e9c786958c88764c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits