Bug#1040865: bullseye-pu: package yajl/2.1.0-3+deb11u2

To: Tobias Frost <tobi@debian.org>, 1040865@bugs.debian.org
Subject: Bug#1040865: bullseye-pu: package yajl/2.1.0-3+deb11u2
From: Jonathan Wiltshire <jmw@debian.org>
Date: Sun, 23 Jul 2023 14:14:29 +0100
Message-id: <[🔎] ZL0ntcPWeRVBAW0D@powdarrmonkey.net>
Reply-to: Jonathan Wiltshire <jmw@debian.org>, 1040865@bugs.debian.org
In-reply-to: <[🔎] ZK2Y8KwFa31fU6Ud@isildor.loewenhoehle.ip>
References: <[🔎] ZK2Y8KwFa31fU6Ud@isildor.loewenhoehle.ip> <[🔎] ZK2Y8KwFa31fU6Ud@isildor.loewenhoehle.ip>

Control: tag -1 confirmed

On Tue, Jul 11, 2023 at 08:01:20PM +0200, Tobias Frost wrote:
> Previous o-s-p-u upload was #1040137; two additional CVEs have
> been fixed since then and the fix for CVE-2023-33460 has been found
> to be incomplete.
> 
> This upload is part of fixing yajl for every release. So far sid, buster
> (DLA-3492), stretch and jessie (ELA-892-1) has been targeted.
> bookworm s-p-u is pending, see #1040863

Please elaborate a little on what those CVEs are about in debian/changelog;
otherwise, go ahead.

Thanks,


-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Reply to:

References:
- Bug#1040865: bullseye-pu: package yajl/2.1.0-3+deb11u2
  - From: Tobias Frost <tobi@debian.org>

Prev by Date: Bug#1040758: bullseye-pu: package spip/3.2.11-3+deb11u9
Next by Date: Processed: Re: Bug#1040865: bullseye-pu: package yajl/2.1.0-3+deb11u2
Previous by thread: Processed: bullseye-pu: package yajl/2.1.0-3+deb11u2
Next by thread: Processed: Re: Bug#1040865: bullseye-pu: package yajl/2.1.0-3+deb11u2
Index(es):
- Date
- Thread