golang-github-tidwall-gjson - Debian Package Tracker

general

source: golang-github-tidwall-gjson (main)
version: 1.6.7-1
maintainer: Debian Go Packaging Team (DMD)
uploaders: Jack Henschel [DMD] – Thorsten Alteholz [DMD] – Michael Prokop [DMD]
arch: all
std-ver: 4.5.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 1.1.5-2
stable: 1.6.7-1
testing: 1.6.7-1
unstable: 1.6.7-1

versioned links

1.1.5-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.6.7-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

golang-github-tidwall-gjson-dev

action needed

A new upstream version is available: 1.14.1 high

A new upstream version 1.14.1 is available, you should consider packaging it.

Created: 2021-01-31 Last update: 2022-05-28 02:36

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2021-42248: GJSON <= 1.9.2 allows attackers to cause a redos via crafted JSON input.
CVE-2021-42836: GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.

Created: 2021-10-23 Last update: 2022-05-26 06:37

5 security issues in buster high

There are 5 open security issues in buster.

3 important issues:

CVE-2020-35380: GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON.
CVE-2021-42248: GJSON <= 1.9.2 allows attackers to cause a redos via crafted JSON input.
CVE-2021-42836: GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.

2 issues left for the package maintainer to handle:

CVE-2020-36066: (needs triaging) GJSON <1.6.5 allows attackers to cause a denial of service (remote) via crafted JSON.
CVE-2020-36067: (needs triaging) GJSON <=v1.6.5 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a crafted GET call.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2022-05-26 06:37

2 security issues in bullseye high

There are 2 open security issues in bullseye.

2 important issues:

CVE-2021-42248: GJSON <= 1.9.2 allows attackers to cause a redos via crafted JSON input.
CVE-2021-42836: GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.

Created: 2021-10-23 Last update: 2022-05-26 06:37

2 security issues in bookworm high

There are 2 open security issues in bookworm.

2 important issues:

CVE-2021-42248: GJSON <= 1.9.2 allows attackers to cause a redos via crafted JSON input.
CVE-2021-42836: GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.

Created: 2021-10-23 Last update: 2022-05-26 06:37

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 1.6.7-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 5ea05e3b121b7b9dfda7888cda17a49bcd82d8a0
Author: Aloïs Micard <creekorful@debian.org>
Date:   Wed Dec 1 11:18:59 2021 +0000

    [skip ci] update debian/gitlab-ci.yml (using pkg-go-tools/ci-config)
    
    See: https://salsa.debian.org/go-team/infra/pkg-go-tools
    Gbp-Dch: Ignore

commit 842e05fd6d7a0300d7e1354d0f57f7b4e4ef89c8
Merge: 6ede9f0 e4a2e93
Author: Jelmer Vernooĳ <jelmer@debian.org>
Date:   Sun Sep 26 09:33:06 2021 +0000

    Merge branch 'lintian-fixes' into 'master'
    
    Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse
    
    See merge request go-team/packages/golang-github-tidwall-gjson!3

commit e4a2e9365ae40a32f46d26013ce3174832c65997
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Fri Sep 24 04:35:05 2021 +0000

    Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse.
    
    Changes-By: lintian-brush
    Fixes: lintian: upstream-metadata-file-is-missing
    See-also: https://lintian.debian.org/tags/upstream-metadata-file-is-missing.html
    Fixes: lintian: upstream-metadata-missing-bug-tracking
    See-also: https://lintian.debian.org/tags/upstream-metadata-missing-bug-tracking.html
    Fixes: lintian: upstream-metadata-missing-repository
    See-also: https://lintian.debian.org/tags/upstream-metadata-missing-repository.html

Created: 2021-09-26 Last update: 2022-05-27 17:38

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.5.1).

Created: 2021-08-18 Last update: 2022-05-11 23:25

news

[rss feed]

[2021-01-13] golang-github-tidwall-gjson 1.6.7-1 MIGRATED to testing (Debian testing watch)
[2021-01-11] Accepted golang-github-tidwall-gjson 1.6.7-1 (source) into unstable (Thorsten Alteholz)
[2021-01-09] Accepted golang-github-tidwall-gjson 1.1.5-2.1 (source) into unstable (Holger Levsen)
[2019-02-02] golang-github-tidwall-gjson 1.1.5-2 MIGRATED to testing (Debian testing watch)
[2019-01-31] Accepted golang-github-tidwall-gjson 1.1.5-2 (source all) into unstable (Michael Prokop)
[2019-01-25] golang-github-tidwall-gjson 1.1.5-1 MIGRATED to testing (Debian testing watch)
[2019-01-22] Accepted golang-github-tidwall-gjson 1.1.5-1 (source all) into unstable, unstable (Michael Prokop)

bugs [bug history graph]

all: 2
RC: 0
I&N: 2
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.6.7-1