Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
17a1b280 by Moritz Mühlenhoff at 2022-01-21T15:59:36+01:00
node-fetch spu
- - - - -
2 changed files:
- data/CVE/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1646,6 +1646,7 @@ CVE-2022-0236 (The WP Import Export WordPress plugin
(both free and premium vers
NOT-FOR-US: WordPress plugin
CVE-2022-0235 (node-fetch is vulnerable to Exposure of Sensitive Information
to an Un ...)
- node-fetch 2.6.1-7
+ [bullseye] - node-fetch <no-dsa> (Minor issue)
NOTE: https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/
NOTE: Fixed by:
https://github.com/node-fetch/node-fetch/commit/f5d3cf5e2579cb8f4c76c291871e69696aef8f80
(v3.1.1)
CVE-2022-0234
=====================================
data/next-point-update.txt
=====================================
@@ -42,3 +42,5 @@ CVE-2021-3997
[bullseye] - systemd 247.3-7
CVE-2020-18442
[bullseye] - zziplib 0.13.62-3.3+deb11u1
+CVE-2022-0235
+ [bullseye] - node-fetch 2.6.1-5+deb11u1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17a1b28059f89faceee17bb7ec5f10a1dc1f8003
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17a1b28059f89faceee17bb7ec5f10a1dc1f8003
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
