-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4224-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk June 23, 2025 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : node-send Version : 0.17.1-2+deb11u1 CVE ID : CVE-2024-43799 Debian Bug : 1081483 Template injection that can lead to XSS has been fixed in node-send, a Node.js module for streaming files over HTTP. For Debian 11 bullseye, this problem has been fixed in version 0.17.1-2+deb11u1. We recommend that you upgrade your node-send packages. For the detailed security status of node-send please refer to its security tracker page at: https://security-tracker.debian.org/tracker/node-send Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmhZK40ACgkQiNJCh6LY mLEVmQ//WdKu8bOpLGnG0C7SSOMVhHF14btSdYyHQT6CCRemYRsgWJ3OSNgCIDz5 AJ5PMHT8txt5O+bgBneQfaL4wKZEstp7MhFtcPERGg6lZjX1+253xLsgmt0ibcaQ 7MstsNk2Q4JEOG8Phve86BH+AXMEWDOz2MyYhbb8uU20OTfaGD+PsAUxlpL24arf D9cZ8o/ll0ryAHxJnyazhSj401rT0aoTWmOslM2OhL0Kj+jZnmCFVRN02wmgPFqW /G2TZLUWlt8jT9jFQxayXUOrYQCluNKODThF1cGd1Vl4iuQpyvUqYbGOH0SnY9aw 1Gig83Exbxg/2D+UfFaQyi09H8YPXql0S7SkLEcBK0MFG0DpzZjHmLCNMQbc1L4r CBkR8QB7VspPrBIwlQ7lWUeRP9RwDYSt8+QlhVGMHap6W/hsAwv/RyYK41nULloN 0W0qlQ8UAHs6C0sEooRhsgkHZKDPo3u7+h+YFkG2zgtFHuhRU9WOQj3mITmxwF8X FKfJHMBIK6QPi6hNwXcskDj9naCaqIHDv9+EkZnON8vkcCkC3G9iwPOl+kX4XbkL cSntXuC2Fd2NfC71pBLKqdNQjr8xjX2x5/JboIyZg9/B7xelC5hwQbwYHlGCUozc skhc05f54l9JnBRRu0Cu81Yf8WcVrPUXqFJhRnbXZhTKOW2uie8= =p4Ue -----END PGP SIGNATURE-----
