Package: release.debian.org Severity: normal X-Debbugs-Cc: [email protected], Adrian Bunk <[email protected]>, [email protected], Maytham Alsudany <[email protected]>, [email protected] Control: affects -1 + src:cjson User: [email protected] Usertags: unblock
Hi, Please unblock package cjson [ Reason ] cjson 1.7.18-3 was prone to CVE-2023-26819, fixed by Adrian in the 1.7.18-3.1 NMU, cf. #1103687. [ Impact ] cjson in trixie remains vulnerable so far to CVE-2023-26819. There is as well a pending cjson bookworm-pu update covering as well this CVE. [ Tests ] I have done none. There is a test covering the change. [ Risks ] Probably low, upstream change applied. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock cjson/1.7.18-3.1 Regards, Salvatore
