Control: tags -1 - moreinfo Le 30/09/2021 à 21:45, Adam D. Barratt a écrit : > Control: tags -1 + moreinfo > > On Thu, 2021-07-29 at 13:07 +0200, Yadd wrote: >> node-jszip is vulnerable to a prototype pollution (CVE-2021-23413) >> > > + * Fix a null prototype object for this.files (Closes: CVE-2021- > 23413) > > As far as I can tell, you're fixing an issue by *using* a null > prototype object, whereas the changelog entry above implies that you're > removing such a use. > > Regards,
Sorry, fixed and pushed (commit was "fix: use a null..."). Cheers, Yadd
