[Pkg-javascript-devel] Bug#932500: Bug#932500: vulnerability: prototype pollution

Salvatore Bonaccorso Sat, 20 Jul 2019 13:27:16 -0700

Hi Xavier,

On Sat, Jul 20, 2019 at 05:44:05PM +0200, Xavier wrote:
> Le 20/07/2019 à 06:32, Paolo Greppi a écrit :
> > Package: node-mixin-deep
> > Version: 1.1.3-3
> > Severity: important
> > 
> > Dear Maintainer,
> > 
> > node-mixin-deep 1.1.3-3  is affected by a prototype pollution vulnerability:
> > https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212
> > https://github.com/jonschlinkert/mixin-deep/issues/6
> > 
> > Please upgrade to either 1.3.2 or 2.0.1.
> > 
> > Thanks, Paolo
> 
> Hello,
> 
> here is a proposed fix.


Thanks for preparing a debdiff. Can you fix this via an upcoming point
release for buster?

Regards,
Salvatore

-- 
Pkg-javascript-devel mailing list
Pkg-javascript-devel@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-javascript-devel

[Pkg-javascript-devel] Bug#932500: Bug#932500: vulnerability: prototype pollution

Reply via email to