[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2024-55565/node-postcss

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d47a27db by Salvatore Bonaccorso at 2024-12-12T16:19:36+01:00
Track fixed version via unstable for CVE-2024-55565/node-postcss

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1715,7 +1715,7 @@ CVE-2024-55566 (ColPack 1.0.10 through 9a7293a has a 
predictable temporary file
        NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1225617
        NOTE: Negligible security impact with fs.protected_symlinks=1 being the 
standard in Debian
 CVE-2024-55565 (nanoid (aka Nano ID) before 5.0.9 mishandles non-integer 
values. 3.3.8 ...)
-       - node-postcss <unfixed>
+       - node-postcss 8.4.49+~cs9.2.32-1
        [bookworm] - node-postcss <no-dsa> (Minor issue)
        [bullseye] - node-postcss <postponed> (Minor issue; can be fixed in 
next update)
        NOTE: node-postcss bundles nanoid



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d47a27dbdfefa1fbfb517002cc9366b88ce51d72

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d47a27dbdfefa1fbfb517002cc9366b88ce51d72
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits