[Git][security-tracker-team/security-tracker][master] Add CVE-2017-16042/node-growl

Tue, 05 Jun 2018 23:27:02 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3f789a0a by Salvatore Bonaccorso at 2018-06-06T08:25:33+02:00
Add CVE-2017-16042/node-growl

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -35626,7 +35626,11 @@ CVE-2017-16044 (`d3.js` was a malicious module 
published with the intent to hija
 CVE-2017-16043 (Shout is an IRC client. Because the `/topic` command in 
messages is ...)
        TODO: check
 CVE-2017-16042 (Growl adds growl notification support to nodejs. Growl before 
1.10.2 ...)
-       TODO: check
+       - node-growl <unfixed> (unimportant)
+       NOTE: Issue: https://github.com/tj/node-growl/issues/60
+       NOTE: https://github.com/tj/node-growl/pull/61
+       NOTE: https://nodesecurity.io/advisories/146
+       NOTE: NOTE: nodejs not covered by security support
 CVE-2017-16041 (ikst versions before 1.1.2 download resources over HTTP, which 
leaves ...)
        TODO: check
 CVE-2017-16040 (gfe-sass is a library for promises (CommonJS/Promises/A,B,D) 
gfe-sass ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f789a0a55bac0f350c907e6d912f90b772d5d43

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f789a0a55bac0f350c907e6d912f90b772d5d43
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to