[Git][security-tracker-team/security-tracker][master] Reserve DLA-3235-1 for node-eventsource

Sun, 11 Dec 2022 05:36:07 -0800 


Guilhem Moulin pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f5eedaa2 by Guilhem Moulin at 2022-12-11T14:35:35+01:00
Reserve DLA-3235-1 for node-eventsource

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -47676,7 +47676,6 @@ CVE-2022-1651 (A memory leak flaw was found in the 
Linux kernel in acrn_dev_ioct
 CVE-2022-1650 (Exposure of Sensitive Information to an Unauthorized Actor in 
GitHub r ...)
        - node-eventsource 2.0.2+~1.1.8-1
        [bullseye] - node-eventsource 1.0.7-1+deb11u1
-       [buster] - node-eventsource <no-dsa> (Minor issue)
        [stretch] - node-eventsource <end-of-life> (not covered by security 
support)
        NOTE: https://huntr.dev/bounties/dc9e467f-be5d-4945-867d-1044d27e9b8e/
        NOTE: 
https://github.com/eventsource/eventsource/commit/10ee0c4881a6ba2fe65ec18ed195ac35889583c4
 (v2.0.2)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[11 Dec 2022] DLA-3235-1 node-eventsource - security update
+       {CVE-2022-1650}
+       [buster] - node-eventsource 0.2.1-1+deb10u1
 [10 Dec 2022] DLA-3234-1 hsqldb - security update
        {CVE-2022-41853}
        [buster] - hsqldb 2.4.1-2+deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -156,10 +156,6 @@ nextcloud-desktop
 node-css-what
   NOTE: 20221031: Programming language: Javascript.
 --
-node-eventsource (guilhem)
-  NOTE: 20221111: Programming language: JavaScript.
-  NOTE: 20221111: Follow fixes from bullseye 11.4 (Beuc/front-desk)
---
 node-follow-redirects
   NOTE: 20221111: Programming language: JavaScript.
   NOTE: 20221111: Follow fixes from bullseye 11.3 (Beuc/front-desk)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5eedaa27c16d3505ec4c32b9302c0b2e6f98330

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5eedaa27c16d3505ec4c32b9302c0b2e6f98330
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to