Processing control commands:
> tags -1 + confirmed
Bug #954398 [release.debian.org] buster-pu: package node-dot/1.1.1-1+deb10u1
Added tag(s) confirmed.
--
954398: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954398
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 + confirmed
On Sat, 2020-03-21 at 09:29 +0100, Xavier Guimard wrote:
> node-dot ≤ 1.1.2 is vulnerable to code execution after prototype
> pollution. I imported upstream fix and wrote a basic test to verify
> that CVE is really fixed.
>
Please go ahead.
Regards,
Adam
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Hi,
node-dot ≤ 1.1.2 is vulnerable to code execution after prototype
pollution. I imported upstream fix and wrote a basic test to verify that
CVE is really fixed.
Cheers,
Xavier
3 matches
Mail list logo