2015-10-01 9:41 GMT+02:00 Salvatore Bonaccorso <car...@debian.org>:
> Source: nodejs
> Version: 4.1.1~dfsg-2
> Severity: important
> Tags: security upstream
> the following CVE was published for nodejs on , but details and
> patches will by available on Monday the 5th of October 2015. But
> accordidng to upstrema 4.1.1 is affected, so filling this bug already.
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
upstream is willing to coordinate the release of the fix, so i'll be able
a fixed version at about the same time as it is disclosed.