2015-10-01 9:41 GMT+02:00 Salvatore Bonaccorso <car...@debian.org>:

> Source: nodejs
> Version: 4.1.1~dfsg-2
> Severity: important
> Tags: security upstream
> Hi,
> the following CVE was published for nodejs on [0], but details and
> patches will by available on Monday the 5th of October 2015. But
> accordidng to upstrema 4.1.1 is affected, so filling this bug already.
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.


upstream is willing to coordinate the release of the fix, so i'll be able
to upload
a fixed version at about the same time as it is disclosed.

Pkg-javascript-devel mailing list

Reply via email to