golang-github-tidwall-gjson - Debian Package Tracker

general

source: golang-github-tidwall-gjson (main)
version: 1.6.7-2
maintainer: Debian Go Packaging Team (DMD)
uploaders: Michael Prokop [DMD] – Thorsten Alteholz [DMD] – Jack Henschel [DMD]
arch: all
std-ver: 4.5.1
VCS: Git (Browse, QA)

versioned links

1.1.5-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.6.7-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.6.7-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

action needed

A new upstream version is available: 1.14.4 high

A new upstream version 1.14.4 is available, you should consider packaging it.

Created: 2021-01-31 Last update: 2022-12-01 09:01

2 security issues in sid high

2 important issues:

CVE-2021-42248: GJSON <= 1.9.2 allows attackers to cause a redos via crafted JSON input.
CVE-2021-42836: GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.

Created: 2022-07-04 Last update: 2022-11-29 23:47

2 security issues in bookworm high

There are 2 open security issues in bookworm.

2 important issues:

CVE-2021-42248: GJSON <= 1.9.2 allows attackers to cause a redos via crafted JSON input.
CVE-2021-42836: GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.

Created: 2022-07-04 Last update: 2022-11-29 23:47

lintian reports 3 warnings normal

Lintian reports 3 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2022-07-30 Last update: 2022-11-30 04:06

2 low-priority security issues in bullseye low

There are 2 open security issues in bullseye.

2 issues left for the package maintainer to handle:

CVE-2021-42248: (needs triaging) GJSON <= 1.9.2 allows attackers to cause a redos via crafted JSON input.
CVE-2021-42836: (needs triaging) GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.

You can find information about how to handle these issues in the security team's documentation.

Created: 2022-07-04 Last update: 2022-11-29 23:47

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.5.1).

Created: 2021-08-18 Last update: 2022-11-29 23:21

testing migrations

[2022-11-29] Accepted golang-github-tidwall-gjson 1.6.7-2 (source) into unstable (Jelmer Vernooĳ) (signed by: Jelmer Vernooij)
[2021-01-13] golang-github-tidwall-gjson 1.6.7-1 MIGRATED to testing (Debian testing watch)
[2021-01-11] Accepted golang-github-tidwall-gjson 1.6.7-1 (source) into unstable (Thorsten Alteholz)
[2021-01-09] Accepted golang-github-tidwall-gjson 1.1.5-2.1 (source) into unstable (Holger Levsen)
[2019-02-02] golang-github-tidwall-gjson 1.1.5-2 MIGRATED to testing (Debian testing watch)
[2019-01-31] Accepted golang-github-tidwall-gjson 1.1.5-2 (source all) into unstable (Michael Prokop)
[2019-01-25] golang-github-tidwall-gjson 1.1.5-1 MIGRATED to testing (Debian testing watch)
[2019-01-22] Accepted golang-github-tidwall-gjson 1.1.5-1 (source all) into unstable, unstable (Michael Prokop)

bugs [bug history graph]

links

ubuntu