[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1040679: bullseye-pu: package node-dottie/2.0.2-4+deb11u1

Control: tag -1 confirmed

On Sun, Jul 09, 2023 at 09:11:26AM +0400, Yadd wrote:
> [ Reason ]
> node-dottie is vulnerable to prototype pollution (#1040592,
> CVE-2023-26132)

By all means go ahead, but it can't be accepted until the situation in
testing is fixed up (unless we propogate the version from
bookworm-proposed-updates to testing).

Thanks,

-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
Reply to: