Package: release.debian.org Severity: normal X-Debbugs-Cc: cj...@packages.debian.org, Adrian Bunk <b...@debian.org>, t...@security.debian.org, Maytham Alsudany <maytha8the...@gmail.com>, car...@debian.org Control: affects -1 + src:cjson User: release.debian....@packages.debian.org Usertags: unblock
Hi, Please unblock package cjson [ Reason ] cjson 1.7.18-3 was prone to CVE-2023-26819, fixed by Adrian in the 1.7.18-3.1 NMU, cf. #1103687. [ Impact ] cjson in trixie remains vulnerable so far to CVE-2023-26819. There is as well a pending cjson bookworm-pu update covering as well this CVE. [ Tests ] I have done none. There is a test covering the change. [ Risks ] Probably low, upstream change applied. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock cjson/1.7.18-3.1 Regards, Salvatore
