Anton Gladky pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8bf22648 by Anton Gladky at 2023-07-05T06:59:05+02:00
LTS: add pypdf2
- - - - -
544d1f55 by Anton Gladky at 2023-07-05T06:59:39+02:00
Mark ruby-yajl as no-dsa for buster
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -3010,6 +3010,7 @@ CVE-2023-33460 (There's a memory leak in yajl 2.1.0 with
use of yajl_tree_parse
- ruby-yajl <unfixed>
[bookworm] - ruby-yajl <no-dsa> (Minor issue)
[bullseye] - ruby-yajl <no-dsa> (Minor issue)
+ [buster] - ruby-yajl <no-dsa> (Minor issue)
CVE-2023-33457 (In Sogou Workflow v0.10.6, memcpy a negtive size in
URIParser::parse , ...)
NOT-FOR-US: Sogou Workflow
CVE-2023-33381 (A command injection vulnerability was found in the ping
functionality ...)
=====================================
data/dla-needed.txt
=====================================
@@ -173,6 +173,9 @@ php-dompdf
NOTE: 20230618: Added by Front-Desk (opal)
NOTE: 20230618: Low priority but higher than to not fix it.
--
+pypdf2
+ NOTE: 20230705: Added by Front-Desk (gladk)
+--
python-glance-store (jspricke)
NOTE: 20230525: Added by Front-Desk (lamby)
NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store,
python-os-brick, nova and cinder.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6870f195eca3236b18912c607f24f0f89da9dba9...544d1f55ffdf81d721dc6b756d6a122d5b70def0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6870f195eca3236b18912c607f24f0f89da9dba9...544d1f55ffdf81d721dc6b756d6a122d5b70def0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
