1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#1108861: unblock: cjson/1.7.18-3.1

    From Salvatore Bonaccorso@21:1/5 to All on Sun Jul 6 15:30:01 2025
    XPost: linux.debian.devel.release

    Package: release.debian.org
    Severity: normal
    X-Debbugs-Cc: [email protected], Adrian Bunk <[email protected]>, [email protected], Maytham Alsudany <[email protected]>, [email protected]
    Control: affects -1 + src:cjson
    User: [email protected]
    Usertags: unblock

    Hi,

    Please unblock package cjson

    [ Reason ]
    cjson 1.7.18-3 was prone to CVE-2023-26819, fixed by Adrian in the
    1.7.18-3.1 NMU, cf. #1103687.

    [ Impact ]
    cjson in trixie remains vulnerable so far to CVE-2023-26819. There is
    as well a pending cjson bookworm-pu update covering as well this CVE.

    [ Tests ]
    I have done none. There is a test covering the change.

    [ Risks ]
    Probably low, upstream change applied.

    [ Checklist ]
    [x] all changes are documented in the d/changelog
    [x] I reviewed all changes and I approve them
    [x] attach debdiff against the package in testing

    unblock cjson/1.7.18-3.1

    Regards,
    Salvatore

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)