Processing commands for cont...@bugs.debian.org:
> tags 926670 + upstream fixed-upstream
Bug #926670 [src:node-xterm] CVE-2019-0542
Added tag(s) fixed-upstream and upstream.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
926670:
Source: node-xterm
Severity: grave
Tags: security
Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0542
Cheers,
Moritz
--
Pkg-javascript-devel mailing list
Pkg-javascript-devel@alioth-lists.debian.net
node-deep-extend 0.4.1-2 is unblocked
Message transféré
Sujet : Bug#926650 closed by Ivo De Decker
(unblock node-deep-extend)
Date : Mon, 08 Apr 2019 14:36:04 +
De : Debian Bug Tracking System
Répondre à : 926...@bugs.debian.org
Pour : Xavier Guimard
This is an
Your message dated Mon, 08 Apr 2019 13:18:48 +
with message-id
and subject line Bug#926616: fixed in node-deep-extend 0.4.1-2
has caused the Debian Bug report #926616,
regarding CVE-2018-3750: Prototype Pollution
to be marked as done.
This means that you claim that the problem has been dealt
Processing control commands:
> tag -1 pending
Bug #926616 [node-deep-extend] CVE-2018-3750: Prototype Pollution
Added tag(s) pending.
--
926616: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926616
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package node-deep-extend
Hi all,
node-deep-extend is vulnerable to CVE-2018-3750 [1]. This vulnerability
has been tagged as unimportant, however patch is simple and package
Processing commands for cont...@bugs.debian.org:
> tags 926616 + upstream
Bug #926616 [node-deep-extend] CVE-2018-3750: Prototype Pollution
Added tag(s) upstream.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
926616:
Quick research:
https://www.npmjs.com/advisories/612
node-deep-extend popcon = ~1900
apt-cache rdepends node-deep-extend
node-deep-extend
Reverse Depends:
node-rc
the watch file for node-rc is not picking up new releases because upstream uses
the commit message to tag them instead of a
Processing control commands:
> tags -1 + security
Bug #926616 [node-deep-extend] CVE-2018-3750: Prototype Pollution
Added tag(s) security.
--
926616: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926616
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--
Control: tags -1 + security
Le 08/04/2019 à 00:22, Jeff Cliff a écrit :
> Package: node-deep-extend
> Version: 0.4.1-1
> Severity: important
>
> Dear Maintainer,
>
> As per the ubuntu bug report:
>
> from https://snyk.io/vuln/npm:deep-extend:20180409 :
>
> deep-extend "all the listed modules
10 matches
Mail list logo