[Git][security-tracker-team/security-tracker][master] Reserve DLA-3260-1 for node-xmldom

Guilhem Moulin (@guilhem) Sun, 01 Jan 2023 08:50:07 -0800


Guilhem Moulin pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ffcb381a by Guilhem Moulin at 2023-01-01T17:49:36+01:00
Reserve DLA-3260-1 for node-xmldom

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -149005,7 +149005,6 @@ CVE-2021-21367 (Switchboard Bluetooth Plug for 
elementary OS from version 2.3.0
        NOT-FOR-US: Switchboard Bluetooth Plug for elementary OS
 CVE-2021-21366 (xmldom is a pure JavaScript W3C standard-based (XML DOM Level 
2 Core)  ...)
        - node-xmldom 0.5.0-1
-       [buster] - node-xmldom <no-dsa> (Minor issue)
        NOTE: 
https://github.com/xmldom/xmldom/security/advisories/GHSA-h6q6-9hqw-rwfv
        NOTE: 
https://github.com/xmldom/xmldom/commit/d4201b9dfbf760049f457f9f08a3888d48835135
 CVE-2021-21365 (Bootstrap Package is a theme for TYPO3. It has been discovered 
that re ...)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[01 Jan 2023] DLA-3260-1 node-xmldom - security update
+       {CVE-2021-21366 CVE-2022-39353}
+       [buster] - node-xmldom 0.1.27+ds-1+deb10u2
 [31 Dec 2022] DLA-3259-1 libjettison-java - security update
        {CVE-2022-40150 CVE-2022-45685 CVE-2022-45693}
        [buster] - libjettison-java 1.5.3-1~deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -192,11 +192,6 @@ node-url-parse
   NOTE: 20221111: Programming language: JavaScript.
   NOTE: 20221111: Follow fixes from bullseye 11.4 + check postponed issues 
(Beuc/front-desk)
 --
-node-xmldom (guilhem)
-  NOTE: 20221130: Programming language: JavaScript.
-  NOTE: 20221130: VCS: 
https://salsa.debian.org/lts-team/packages/node-xmldom.git
-  NOTE: 20221130: 
https://github.com/xmldom/xmldom/security/advisories/GHSA-crh6-fp67-6883 
(gladk).
---
 nodejs
   NOTE: 20221105: Programming language: Javascript, C/C++, Python
   NOTE: 20221105: VCS: https://salsa.debian.org/lts-team/packages/nodejs.git



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffcb381a16569b050c98493884f1e8755f602c09

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffcb381a16569b050c98493884f1e8755f602c09
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3260-1 for node-xmldom

Reply via email to