-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2503-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb December 21, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : node-ini Version : 1.1.0-1+deb9u1 CVE ID : CVE-2020-7788 Debian Bug : #977718 It was discovered that there was an issue in node-ini, a .ini format parser and serializer for Node.js, where an application could be exploited by a malicious input file. For Debian 9 "Stretch", this problem has been fixed in version 1.1.0-1+deb9u1. We recommend that you upgrade your node-ini packages. For the detailed security status of node-ini please refer to its security tracker page at: https://security-tracker.debian.org/tracker/node-ini Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl/gt3AACgkQHpU+J9Qx HljLCg/8D6S/XgMTo80cePZY0c+m93pWRFhy2Q8PxtFlhxVamujpmxV/n8gdBS7H +QhshojXCb2Kl+g+LDVL779+BUxn5MNoHSbT0hyvPIxK76QnNragSjhOASDm2Ki1 OFata+uqIUWtrD8HUmQz+OE6Dqg7+617IWt3TzGUzsR3i3PT+F2NO2IVuOzIWucc VWIV2728V7kelkYxMeV2g36YPmMKEY/v8gwIB80aXUXJqAnvYkH1DJh1uWMWBZMJ zyZManUii0FbAXXPnjiRc39Mmv3MjIuI06qWECjs/DDL5kol4gmHrygZmfWDeyYe d5a3g4ORtAK/LW/fJnD3KuP8oggRDp4nBnx2ukSNT0pN9tVM9AB/d6Rli/HhH68z kwL41l/xuQkSKpepCRNYDzClZjtik9qBAgfuJvQVtU9WeXhFnZ5q2Hl8Paqc/dHz kNslkmxWIUwm5WoMnUDwpgZlB0+4LLBIq2I09bOzpwCn7T0vjv3n+cdLLkgWCIbE moVio0MKbnNGA9BDgzMajLKmjSLU/02gfeMJGkqWAJAfk/t3le7GT7RAoMgZlbyJ pmJCXjIGutAL21LDW39aWGN+xgmzlZcsWktrEv3DbnEjjL2uQU7NBRJqgOws6dbv YMbQw3IC9kIin4/wMevSikJV+aPElpnnL0N6Mx+Fj3alfGmgTAk= =U6fv -----END PGP SIGNATURE-----
