Control: tags -1 + confirmed
On Wed, 2021-05-26 at 12:45 +0200, Yadd wrote:
> Here is the missing debdiff
Please go ahead.
Regards,
Adam
Here is the missing debdiff
diff --git a/debian/changelog b/debian/changelog
index d8d3387..20f5a00 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+node-ws (1.1.0+ds1.e6ddaae4-5+deb10u1) buster; urgency=medium
+
+ * Team upload
+ * Fix ReDoS vulnerability (Closes:
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
node-ws is vulnerable to re regex denial of service (ReDoS)
(CVE-2021-32640).
[ Impact ]
A specially crafted value of the `Sec-Websocket-Protocol` header could
be used
3 matches
Mail list logo
