FYI: The status of the rainbow.js source package
in Debian's testing distribution has changed.
Previous version: 1.1.8+ds1-1
Current version: 2.1.4+ds-1
--
This email is automatically generated once a day. As the installation of
new packages into testing happens multiple times a day you
FYI: The status of the node-y18n source package
in Debian's testing distribution has changed.
Previous version: 3.2.1-2
Current version: 4.0.0-1
--
This email is automatically generated once a day. As the installation of
new packages into testing happens multiple times a day you will
node-xmpp 0.3.2-4 is marked for autoremoval from testing on 2019-08-04
It is affected by these RC bugs:
921384: node-xmpp: node-stringprep breaks node-xmpp autopkgtest
--
Pkg-javascript-devel mailing list
Pkg-javascript-devel@alioth-lists.debian.net
Le 20/07/2019 à 22:23, Salvatore Bonaccorso a écrit :
> Hi Xavier,
>
> On Sat, Jul 20, 2019 at 05:44:05PM +0200, Xavier wrote:
>> Le 20/07/2019 à 06:32, Paolo Greppi a écrit :
>>> Package: node-mixin-deep
>>> Version: 1.1.3-3
>>> Severity: important
>>>
>>> Dear Maintainer,
>>>
>>>
Processing commands for cont...@bugs.debian.org:
> # The release team has announced that autopkgtest failure is now RC
> # https://lists.debian.org/debian-devel-announce/2019/07/msg2.html
> severity 901779 serious
Bug #901779 [src:debirf] debirf: autopkgtest fails because script is not
Hi Xavier,
On Sat, Jul 20, 2019 at 05:44:05PM +0200, Xavier wrote:
> Le 20/07/2019 à 06:32, Paolo Greppi a écrit :
> > Package: node-mixin-deep
> > Version: 1.1.3-3
> > Severity: important
> >
> > Dear Maintainer,
> >
> > node-mixin-deep 1.1.3-3 is affected by a prototype pollution
Your message dated Sat, 20 Jul 2019 16:42:02 +
with message-id
and subject line Bug#932500: fixed in node-mixin-deep 2.0.1-1
has caused the Debian Bug report #932500,
regarding vulnerability: CVE-2019-10746: prototype pollution
to be marked as done.
This means that you claim that the problem
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 20 Jul 2019 18:00:22 +0200
Source: node-mixin-deep
Architecture: source
Version: 2.0.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Xavier Guimard
Closes:
node-mixin-deep_2.0.1-1_sourceonly.changes uploaded successfully to localhost
along with the files:
node-mixin-deep_2.0.1-1.dsc
node-mixin-deep_2.0.1.orig.tar.gz
node-mixin-deep_2.0.1-1.debian.tar.xz
Greetings,
Your Debian queue daemon (running on host usper.debian.org)
--
Processing control commands:
> tag -1 pending
Bug #932500 [node-mixin-deep] vulnerability: CVE-2019-10746: prototype pollution
Ignoring request to alter tags of bug #932500 to the same tags previously set
--
932500: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932500
Debian Bug Tracking
Processing control commands:
> tag -1 pending
Bug #932500 [node-mixin-deep] vulnerability: CVE-2019-10746: prototype pollution
Ignoring request to alter tags of bug #932500 to the same tags previously set
--
932500: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932500
Debian Bug Tracking
Processing commands for cont...@bugs.debian.org:
> tags 932500 + pending confirmed upstream
Bug #932500 [node-mixin-deep] vulnerability: CVE-2019-10746: prototype pollution
Added tag(s) confirmed, upstream, and pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
Le 20/07/2019 à 06:32, Paolo Greppi a écrit :
> Package: node-mixin-deep
> Version: 1.1.3-3
> Severity: important
>
> Dear Maintainer,
>
> node-mixin-deep 1.1.3-3 is affected by a prototype pollution vulnerability:
> https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212
>
On 2019, ജൂലൈ 20 4:17:16 PM IST, Nilesh Patra wrote:
>Hi
>While packaging node-mermaid and resolving relevant paths. I experience
>several of these errors:
>
>WARNING in ./src/themes ^\.\/.*\/index\.scss$
>Module not found: Error: Recursion in resolving
>Stack:
>resolve:
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 20 Jul 2019 13:23:40 +0200
Source: node-micromatch
Architecture: source
Version: 4.0.2-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Xavier Guimard
Changes:
Version check failed:
Your upload included the source package node-to-regex-range, version 5.0.1-1,
however experimental already has version 5.0.1-1.
Uploads to experimental must have a higher version than present in experimental.
===
Please feel free to respond to this email if you don't
Version check failed:
Your upload included the source package node-to-regex, version
3.0.2+~2.0.2+~0.1.10-1,
however experimental already has version 3.0.2+~2.0.2+~0.1.10-1.
Uploads to experimental must have a higher version than present in experimental.
===
Please feel free to respond to
Version check failed:
Your upload included the source package node-fill-range, version 7.0.1-1,
however experimental already has version 7.0.1-1.
Uploads to experimental must have a higher version than present in experimental.
===
Please feel free to respond to this email if you don't
Version check failed:
Your upload included the source package node-braces, version 3.0.2-1,
however experimental already has version 3.0.2-1.
Uploads to experimental must have a higher version than present in experimental.
===
Please feel free to respond to this email if you don't understand
Le 20/07/2019 à 12:47, Nilesh Patra a écrit :
> Hi
> While packaging node-mermaid and resolving relevant paths. I experience
> several of these errors:
>
> WARNING in ./src/themes ^\.\/.*\/index\.scss$
> Module not found: Error: Recursion in resolving
> Stack:
> resolve:
>
node-micromatch_4.0.2-1_sourceonly.changes uploaded successfully to localhost
along with the files:
node-micromatch_4.0.2-1.dsc
node-micromatch_4.0.2.orig-extend-shallow.tar.gz
node-micromatch_4.0.2.orig-fill-range.tar.gz
node-micromatch_4.0.2.orig-is-number.tar.gz
node-braces_3.0.2-1_sourceonly.changes uploaded successfully to localhost
along with the files:
node-braces_3.0.2-1.dsc
node-braces_3.0.2.orig.tar.gz
node-braces_3.0.2-1.debian.tar.xz
Greetings,
Your Debian queue daemon (running on host usper.debian.org)
--
Pkg-javascript-devel
node-to-regex-range_5.0.1-1_sourceonly.changes uploaded successfully to
localhost
along with the files:
node-to-regex-range_5.0.1-1.dsc
node-to-regex-range_5.0.1.orig.tar.gz
node-to-regex-range_5.0.1-1.debian.tar.xz
Greetings,
Your Debian queue daemon (running on host
node-to-regex_3.0.2+~2.0.2+~0.1.10-1_sourceonly.changes uploaded successfully
to localhost
along with the files:
node-to-regex_3.0.2+~2.0.2+~0.1.10-1.dsc
node-to-regex_3.0.2+~2.0.2+~0.1.10.orig-regexptree.tar.gz
node-to-regex_3.0.2+~2.0.2+~0.1.10.orig-saferegex.tar.gz
node-fill-range_7.0.1-1_sourceonly.changes uploaded successfully to localhost
along with the files:
node-fill-range_7.0.1-1.dsc
node-fill-range_7.0.1.orig.tar.gz
node-fill-range_7.0.1-1.debian.tar.xz
Greetings,
Your Debian queue daemon (running on host usper.debian.org)
--
Hi
While packaging node-mermaid and resolving relevant paths. I experience
several of these errors:
WARNING in ./src/themes ^\.\/.*\/index\.scss$
Module not found: Error: Recursion in resolving
Stack:
resolve:
(/home/nilesh/mermaidpack/reversion/node-mermaid-8.1.0/node-mermaid)
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 20 Jul 2019 08:17:21 +0200
Source: should.js
Architecture: source
Version: 13.2.1~dfsg-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Javascript Maintainers
Changed-By: Xavier Guimard
Changes:
should.js_13.2.1~dfsg-1_sourceonly.changes uploaded successfully to localhost
along with the files:
should.js_13.2.1~dfsg-1.dsc
should.js_13.2.1~dfsg.orig-should-equal.tar.gz
should.js_13.2.1~dfsg.orig-should-format.tar.gz
should.js_13.2.1~dfsg.orig-should-type-adaptors.tar.gz
Le 20/07/2019 à 06:32, Paolo Greppi a écrit :
> Package: node-mixin-deep
> Version: 1.1.3-3
> Severity: important
>
> Dear Maintainer,
>
> node-mixin-deep 1.1.3-3 is affected by a prototype pollution vulnerability:
> https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212
>
Le 20/07/2019 à 07:11, Paolo Greppi a écrit :
> After filing https://bugs.debian.org/932500 I realized it would be great
> to have
> some automation in place to automatically pull vulnerabilities from
> https://snyk.io and turn them into CVE bugs in BTS.
>
> Thoughts ?
>
> Paolo
Hello,
our
30 matches
Mail list logo
