Your message dated Sat, 13 Mar 2021 07:33:41 +
with message-id
and subject line Bug#985086: fixed in node-lodash 4.17.21+dfsg+~cs8.31.173-1
has caused the Debian Bug report #985086,
regarding CVE-2021-23337 CVE-2020-28500
to be marked as done.
This means that you claim that the problem has be
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 13 Mar 2021 08:08:00 +0100
Source: node-lodash
Architecture: source
Version: 4.17.21+dfsg+~cs8.31.173-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Yadd
Closes:
node-lodash_4.17.21+dfsg+~cs8.31.173-1_sourceonly.changes uploaded successfully
to localhost
along with the files:
node-lodash_4.17.21+dfsg+~cs8.31.173-1.dsc
node-lodash_4.17.21+dfsg+~cs8.31.173.orig-lodash-cli.tar.xz
node-lodash_4.17.21+dfsg+~cs8.31.173.orig-types-lodash.tar.xz
node-lodas
Source: node-url-parse
Version: 1.4.7+repack-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for node-url-parse.
CVE-2021-27515[0]:
| url-parse before 1.5.0 mishandles certain uses of backslash suc
Source: node-prismjs
Version: 1.11.0+dfsg-4
Severity: important
Tags: security upstream
Forwarded: https://github.com/PrismJS/prism/issues/2583
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for node-prismjs.
CVE-2021-23341[0]:
| The package
Processing commands for cont...@bugs.debian.org:
> tags 985086 + upstream
Bug #985086 [node-lodash] CVE-2021-23337 CVE-2020-28500
Added tag(s) upstream.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
985086: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=98508
Package: node-lodash
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team
CVE-2021-23337:
https://snyk.io/vuln/SNYK-JS-LODASH-1040724
CVE-2020-28500:
https://snyk.io/vuln/SNYK-JS-LODASH-1018905
Cheers,
Moritz
--
Pkg-javascript-devel mailing list
Pkg-javascript-devel@aliot
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 12 Mar 2021 23:27:56 +0530
Source: node-rollup-plugin-node-polyfills
Binary: node-rollup-plugin-node-polyfills
Architecture: source all
Version: 0.2.1+dfsg-5~bpo10+1
Distribution: buster-backports
Urgency: medium
node-rollup-plugin-node-polyfills_0.2.1+dfsg-5~bpo10+1_amd64.changes uploaded
successfully to localhost
along with the files:
node-rollup-plugin-node-polyfills_0.2.1+dfsg-5~bpo10+1.dsc
node-rollup-plugin-node-polyfills_0.2.1+dfsg.orig.tar.xz
node-rollup-plugin-node-polyfills_0.2.1+dfsg-5~bpo
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 12 Mar 2021 22:41:48 +0530
Source: node-rollup-plugin-node-resolve
Binary: node-rollup-plugin-node-resolve
Architecture: source all
Version: 11.0.1-2~bpo10+1
Distribution: buster-backports
Urgency: medium
Maintain
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 12 Mar 2021 22:53:41 +0530
Source: node-rollup
Binary: rollup
Architecture: source all
Version: 2.38.4-1~bpo10+1
Distribution: buster-backports
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-B
node-rollup-plugin-node-resolve_11.0.1-2~bpo10+1_amd64.changes uploaded
successfully to localhost
along with the files:
node-rollup-plugin-node-resolve_11.0.1-2~bpo10+1.dsc
node-rollup-plugin-node-resolve_11.0.1.orig.tar.xz
node-rollup-plugin-node-resolve_11.0.1-2~bpo10+1.debian.tar.xz
nod
node-rollup_2.38.4-1~bpo10+1_amd64.changes uploaded successfully to localhost
along with the files:
node-rollup_2.38.4-1~bpo10+1.dsc
node-rollup_2.38.4.orig.tar.gz
node-rollup_2.38.4-1~bpo10+1.debian.tar.xz
node-rollup_2.38.4-1~bpo10+1_amd64.buildinfo
rollup_2.38.4-1~bpo10+1_all.deb
Gree
binary:node-normalize-range is NEW.
binary:node-normalize-range is NEW.
source:node-normalize-range is NEW.
Your package has been put into the NEW queue, which requires manual action
from the ftpteam to process. The upload was otherwise valid (it had a good
OpenPGP signature and file hashes are va
node-normalize-range_0.1.2-2~bpo10+1_amd64.changes uploaded successfully to
localhost
along with the files:
node-normalize-range_0.1.2-2~bpo10+1.dsc
node-normalize-range_0.1.2.orig.tar.gz
node-normalize-range_0.1.2-2~bpo10+1.debian.tar.xz
node-normalize-range_0.1.2-2~bpo10+1_all.deb
node
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 09 Mar 2021 18:10:46 +0530
Source: node-cron-validator
Binary: node-cron-validator
Architecture: source all
Version: 1.2.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Chang
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 12 Mar 2021 13:17:08 +0100
Source: node-typescript
Binary: node-typescript
Architecture: source all
Version: 4.2.3-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-B
node-typescript_4.2.3-1_amd64.changes uploaded successfully to localhost
along with the files:
node-typescript_4.2.3-1.dsc
node-typescript_4.2.3.orig.tar.gz
node-typescript_4.2.3-1.debian.tar.xz
node-typescript_4.2.3-1_all.deb
node-typescript_4.2.3-1_amd64.buildinfo
Greetings,
Y
18 matches
Mail list logo
