[Git][security-tracker-team/security-tracker][master] LTS: Ignore last remaining actionable libmojolicious-perl CVE

Fri, 20 Jun 2025 07:04:03 -0700 


Sean Whitton pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4ebc1dee by Sean Whitton at 2025-06-20T15:03:29+01:00
LTS: Ignore last remaining actionable libmojolicious-perl CVE

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -133467,7 +133467,7 @@ CVE-2023-52341 (In Plaintext COUNTER CHECK message 
accepted before AS security a
        NOT-FOR-US: Unisoc
 CVE-2021-47208 (The Mojolicious module before 9.11 for Perl has a bug in 
format detect ...)
        - libmojolicious-perl 9.21+dfsg-1
-       [bullseye] - libmojolicious-perl <postponed> (Minor issue)
+       [bullseye] - libmojolicious-perl <ignored> (Minor issue, fix likely to 
break existing Mojolicious applications for minimal gain)
        NOTE: https://github.com/mojolicious/mojo/issues/1736
        NOTE: 
https://github.com/mojolicious/mojo/commit/a0c4576ffb11c235088550de9ba7ac4196e1953c
 (v9.11)
 CVE-2020-36829 (The Mojolicious module before 8.65 for Perl is vulnerable to 
secure_co ...)


=====================================
data/dla-needed.txt
=====================================
@@ -174,11 +174,6 @@ knot-resolver
   NOTE: 20250506: Writting to upstream to get a PoC to reproduce open CVEs.
   NOTE: 20250522: Processing some tips received by upstream to try to 
reproduce CVE. Still working on the patches.
 --
-libmojolicious-perl (Sean Whitton)
-  NOTE: 20250506: Added by Front-Desk (Beuc)
-  NOTE: 20250620: Picking this up again.  We have had some e-mail discussion
-  NOTE: 20250620: about the CVEs; I'll start by updating the trackers.  
(spwhitton)
---
 libpgjava
   NOTE: 20250613: Added by Front-Desk (rouca)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ebc1deecfd326575626f56acd46c9081b19e69a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ebc1deecfd326575626f56acd46c9081b19e69a
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to