subject:"Bug#977735\: buster\-pu\: package node\-ini\/1.3.5\-1\+deb10u1"

Bug#977735: buster-pu: package node-ini/1.3.5-1+deb10u1

2021-01-16 Thread Adam D. Barratt

Control: tags -1 + confirmed On Sat, 2020-12-19 at 20:53 +0100, Xavier Guimard wrote: > node-ini is vulnearable to CVE-2020-7788: if an attacker submits a > malicious > INI file to an application that parses it with ini.parse, they will > pollute > the prototype on the application. This can be exp

Processed: Re: Bug#977735: buster-pu: package node-ini/1.3.5-1+deb10u1

2021-01-16 Thread Debian Bug Tracking System

Processing control commands: > tags -1 + confirmed Bug #977735 [release.debian.org] buster-pu: package node-ini/1.3.5-1+deb10u1 Added tag(s) confirmed. -- 977735: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977735 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems

Bug#977735: buster-pu: package node-ini/1.3.5-1+deb10u1

2020-12-19 Thread Xavier Guimard

Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu [ Reason ] node-ini is vulnearable to CVE-2020-7788: if an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on t

Bug#977735: buster-pu: package node-ini/1.3.5-1+deb10u1

Processed: Re: Bug#977735: buster-pu: package node-ini/1.3.5-1+deb10u1

Bug#977735: buster-pu: package node-ini/1.3.5-1+deb10u1

3 matches

Site Navigation

Mail list logo

Footer information