Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6b9bd847 by Salvatore Bonaccorso at 2022-03-04T20:54:43+01:00
Update information for CVE-2021-43616/npm, fixed via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -22069,10 +22069,11 @@ CVE-2021-43617 (Laravel Framework through 8.70.2 does
not sufficiently block the
CVE-2021-3957 (kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) ...)
NOT-FOR-US: kimai2
CVE-2021-43616 (The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds
with an i ...)
- - npm <unfixed>
+ - npm 8.4.1~ds-1
[bullseye] - npm <no-dsa> (Minor issue)
[buster] - npm <no-dsa> (Minor issue)
NOTE: https://github.com/npm/cli/issues/2701
+ NOTE:
https://github.com/npm/cli/commit/457e0ae61bbc55846f5af44afa4066921923490f
(v8.4.1)
CVE-2021-43615 (An issue was discovered in HddPassword in Insyde InsydeH2O
with kernel ...)
NOT-FOR-US: Insyde
CVE-2021-43614
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b9bd847a2c406e34e8dd6609fd13c9940ad861a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b9bd847a2c406e34e8dd6609fd13c9940ad861a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
