[Git][security-tracker-team/security-tracker][master] Reserve DLA-3428-1 for node-nth-check

@rouca Sat, 20 May 2023 14:02:37 -0700


Bastien Roucariès pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e938807f by Bastien Roucariès at 2023-05-20T21:01:59+00:00
Reserve DLA-3428-1 for node-nth-check

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -127269,7 +127269,6 @@ CVE-2021-41079 (Apache Tomcat 8.5.0 to 8.5.63, 
9.0.0-M1 to 9.0.43 and 10.0.0-M1
 CVE-2021-3803 (nth-check is vulnerable to Inefficient Regular Expression 
Complexity)
        - node-nth-check 2.0.1-1
        [bullseye] - node-nth-check 2.0.0-1+deb11u1
-       [buster] - node-nth-check <no-dsa> (Minor issue)
        [stretch] - node-nth-check <end-of-life> (Nodejs in stretch not covered 
by security support)
        NOTE: 
https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726
 (v2.0.1)
        NOTE: https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0/


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[20 May 2023] DLA-3428-1 node-nth-check - security update
+       {CVE-2021-3803}
+       [buster] - node-nth-check 1.0.1-1+deb10u1
 [20 May 2023] DLA-3427-1 texlive-bin - security update
        {CVE-2023-32700}
        [buster] - texlive-bin 2018.20181218.49446-1+deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -97,12 +97,6 @@ node-got
   NOTE: 20221223: Module has been rewritten in Typescript since Buster 
released (lamby).
   NOTE: 20230206: VCS: https://salsa.debian.org/lts-team/packages/node-got.git
 --
-node-nth-check (rouca)
-  NOTE: 20221111: Programming language: JavaScript.
-  NOTE: 20221111: Follow fixes from bullseye 11.3 (Beuc/front-desk)
-  NOTE: 20221223: Module has been rewritten in Typescript since Buster 
released (lamby).
-  NOTE: 20230206: VCS: 
https://salsa.debian.org/lts-team/packages/node-nth-check.git
---
 nova
   NOTE: 20230302: Programming language: Python.
   NOTE: 20230302: VCS: https://salsa.debian.org/openstack-team/services/nova



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e938807f6a07844c7702a3e53c702c10e04f2492

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e938807f6a07844c7702a3e53c702c10e04f2492
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3428-1 for node-nth-check

Reply via email to