Processed: Re: Bug#1022122: bullseye-pu: package node-minimatch/3.0.4+~3.0.3-1+deb11u1
Processing control commands: > tags -1 + confirmed Bug #1022122 [release.debian.org] bullseye-pu: package node-minimatch/3.0.4+~3.0.3-1+deb11u1 Added tag(s) confirmed. -- 1022122: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022122 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1022122: bullseye-pu: package node-minimatch/3.0.4+~3.0.3-1+deb11u1
Control: tags -1 + confirmed On Thu, 2022-10-20 at 17:22 +0200, Yadd wrote: > node-minimatch is vulnerable to ReDoS > Please go ahead. Regards, Adam
Bug#1022122: bullseye-pu: package node-minimatch/3.0.4+~3.0.3-1+deb11u1
Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu [ Reason ] node-minimatch is vulnerable to ReDoS [ Impact ] Medium security issue [ Tests ] New tests included in patch, passed [ Risks ] Low risk, patch is not so big and test passed [ Checklist ] [X] *all* changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in (old)stable [X] the issue is verified as fixed in unstable [ Changes ] Improve ReDoS protection and add more tests Cheers, Yadd