Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b38954ed by Ola Lundqvist at 2023-04-23T14:21:52+02:00
CVE-2021-32921 marked as no-dsa for buster since the impact is low. Upstream
has considered the impact too low to fix it.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -145261,7 +145261,9 @@ CVE-2021-32822 (The npm hbs package is an Express
view engine wrapper for Handle
NOT-FOR-US: Node hbs
CVE-2021-32821 (MooTools is a collection of JavaScript utilities for
JavaScript develo ...)
- mootools <unfixed> (bug #1032664)
+ [buster] - mootools <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2020-345-redos-mootools/
+ NOTE: No plan to fix this upstream as upstream consider it too low
impact.
CVE-2021-32820 (Express-handlebars is a Handlebars view engine for Express.
Express-ha ...)
NOT-FOR-US: Express-handlebars
CVE-2021-32819 (Squirrelly is a template engine implemented in JavaScript that
works o ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b38954ed66c990145a046c236ca3e3789354746e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b38954ed66c990145a046c236ca3e3789354746e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
