Le 07/02/2020 à 20:16, Adam D. Barratt a écrit : > On Sat, 2020-01-25 at 20:40 +0000, Adam D. Barratt wrote: >> Control: tags -1 + confirmed >> >> On Mon, 2019-12-30 at 07:51 +0100, Xavier Guimard wrote: >>> node-handlebars is vulnearable to prototype pollution (CVE-2019- >>> 19919). >>> >> >> Please go ahead. > > This apparently causes regressions in the autopkgtests of node- > markdown-it-html5-embed, which you also most recently uploaded - see > https://ci.debian.net/user/britney/jobs?package=node-markdown-it-html5-embed&suite[]=stable&arch[]=amd64 > > Is this enough of an issue to not include the node-handlebars update? > > Regards, > > Adam
Hi, then please defer node-handlebars update until I understand what happens. Cheers, Xavier
