Processed: Re: Bug#1004033: bullseye-pu: package node-fetch/2.6.1-5+deb11u1

Processing control commands: > tags -1 + confirmed Bug #1004033 [release.debian.org] bullseye-pu: package node-fetch/2.6.1-5+deb11u1 Added tag(s) confirmed. -- 1004033: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004033 Debian Bug Tracking System Contact ow...@bugs.debian.org with proble

Bug#1004033: bullseye-pu: package node-fetch/2.6.1-5+deb11u1

Control: tags -1 + confirmed On Wed, 2022-01-19 at 16:49 +0100, Yadd wrote: > node-fetch is vulnerable to privacy breach (CVE-2022-0235) > +node-fetch (2.6.1-5+deb11u1) bullseye; urgency=medium + + * Team upload + * Don't forward secure headers to 3th party (Closes: CVE-2022-0235) s/3th/3rd/

Bug#1004033: bullseye-pu: package node-fetch/2.6.1-5+deb11u1

Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu [ Reason ] node-fetch is vulnerable to privacy breach (CVE-2022-0235) [ Impact ] Medium vulnerability [ Tests ] Test passed [ Risks ] Low risk, patch just cleans headers [ Chec