diff options
author | Adrian Bunk <bunk@debian.org> | 2024-03-14 22:02:58 +0200 |
---|---|---|
committer | Adrian Bunk <bunk@debian.org> | 2024-03-14 22:02:58 +0200 |
commit | 82f39acdaedb466d3432559b2a8f4de68978be1c (patch) | |
tree | ce27bf2cf030f63bb1e26c3ef8779889c7035e20 /data | |
parent | 2db7de006e7819eb740ad8143a1c134c0ffff2ac (diff) |
Reserve DLA-3760-1 for node-xml2js
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 1 | ||||
-rw-r--r-- | data/DLA/list | 3 | ||||
-rw-r--r-- | data/dla-needed.txt | 4 |
3 files changed, 3 insertions, 5 deletions
diff --git a/data/CVE/list b/data/CVE/list index c4c97333c7..81af6eab31 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -68310,7 +68310,6 @@ CVE-2023-0843 CVE-2023-0842 (xml2js version 0.4.23 allows an external attacker to edit or add new p ...) - node-xml2js 0.4.23+~cs15.4.0+dfsg-7 (bug #1034148) [bullseye] - node-xml2js 0.2.8-1.1+deb11u1 - [buster] - node-xml2js <no-dsa> (Minor issue) NOTE: https://fluidattacks.com/advisories/myers/ NOTE: https://github.com/Leonidas-from-XIV/node-xml2js/issues/663 NOTE: https://github.com/Leonidas-from-XIV/node-xml2js/pull/603 diff --git a/data/DLA/list b/data/DLA/list index 5517d981dd..fe5fc98938 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[14 Mar 2024] DLA-3760-1 node-xml2js - security update + {CVE-2023-0842} + [buster] - node-xml2js 0.2.8-1.1+deb11u1~deb10u1 [11 Mar 2024] DLA-3759-1 qemu - security update {CVE-2023-2861 CVE-2023-3354 CVE-2023-5088} [buster] - qemu 1:3.1+dfsg-8+deb10u12 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 0d1492dd3b..37cd6c137b 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -167,10 +167,6 @@ linux-5.10 lucene-solr NOTE: 20240213: Added by Front-Desk (lamby) -- -node-xml2js (Adrian Bunk) - NOTE: 20240313: Added by Front-Desk (Beuc) - NOTE: 20240313: Follow fix from bullseye 11.9 (CVE-2023-0842) (Beuc/front-desk) --- nodejs (guilhem) NOTE: 20240218: Added by Front-Desk (lamby) -- |