Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 845036 (CVE-2022-30763) - <dev-lang/janet-1.22.0: array mishandling
Summary: <dev-lang/janet-1.22.0: array mishandling
Alias: CVE-2022-30763
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: ~4 [noglsa]
Depends on:
Reported: 2022-05-16 16:50 UTC by John Helmert III
Modified: 2024-01-05 12:18 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-05-16 16:50:34 UTC

Janet before 1.22.0 mishandles arrays.

This might be the relevant commit, but I don't see how it's security-relevant:
Comment 1 Viorel Munteanu gentoo-dev 2024-01-05 10:52:38 UTC
janet 1.22.0 is in the tree, is this bug still relevant?
Comment 2 Hans de Graaff gentoo-dev Security 2024-01-05 12:18:01 UTC
(In reply to Viorel Munteanu from comment #1)
> janet 1.22.0 is in the tree, is this bug still relevant?

Yes, but it does need to be updated accordingly. Resolving this with noglsa since there has not been a stable version of this package.