[Git][security-tracker-team/security-tracker][master] Reserve DLA-3247-1 for node-trim-newlines

Chris Lamb (@lamby) Fri, 23 Dec 2022 00:55:42 -0800


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker



Commits:
d5590d83 by Chris Lamb at 2022-12-23T08:54:59+00:00
Reserve DLA-3247-1 for node-trim-newlines

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -115075,7 +115075,6 @@ CVE-2021-33624 (In kernel/bpf/verifier.c in the Linux 
kernel before 5.12.13, a b
 CVE-2021-33623 (The trim-newlines package before 3.0.1 and 4.x before 4.0.1 
for Node.j ...)
        - node-trim-newlines 3.0.0+~3.0.0-1
        [bullseye] - node-trim-newlines 3.0.0-1+deb11u1
-       [buster] - node-trim-newlines <no-dsa> (Minor issue)
        [stretch] - node-trim-newlines <end-of-life> (Nodejs in stretch not 
covered by security support)
        NOTE: https://github.com/advisories/GHSA-7p7h-4mm5-852v
        NOTE: 
https://github.com/sindresorhus/trim-newlines/commit/25246c6ce5eea1c82d448998733a6302a4350d91
 (v4.0.1)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[23 Dec 2022] DLA-3247-1 node-trim-newlines - security update
+       {CVE-2021-33623}
+       [buster] - node-trim-newlines 1.0.0-1+deb10u1
 [23 Dec 2022] DLA-3246-1 node-hawk - security update
        {CVE-2022-29167}
        [buster] - node-hawk 6.0.1+dfsg-1+deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -182,10 +182,6 @@ node-object-path
   NOTE: 20221111: Follow fixes from bullseye 11.1 (Beuc/front-desk)
   NOTE: 20221223: Functional part of CVE-2021-3805 might be 
https://gist.github.com/lamby/ebf0633837f16d174138bbf36bef38f3/raw (lamby)
 --
-node-trim-newlines (Chris Lamb)
-  NOTE: 20221111: Programming language: JavaScript.
-  NOTE: 20221111: Follow fixes from bullseye 11.3 (Beuc/front-desk)
---
 node-url-parse
   NOTE: 20221111: Programming language: JavaScript.
   NOTE: 20221111: Follow fixes from bullseye 11.4 + check postponed issues 
(Beuc/front-desk)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5590d836d03432d5a67c83a6d812156bd711c37

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5590d836d03432d5a67c83a6d812156bd711c37
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3247-1 for node-trim-newlines

Reply via email to