[SECURITY] [DLA 1995-1] angular.js security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : angular.js
Version : 1.2.26-1+deb8u1
CVE ID : CVE-2019-14863
Earlier versions of this package package were vulnerable to Cross-site
Scripting (XSS) due to no proper sanitization of xlink:href attributes.
For Debian 8 "Jessie", this problem has been fixed in version
1.2.26-1+deb8u1.
We recommend that you upgrade your angular.js packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEKpwfR8DOwu5vyB4TKpJZkldkSvoFAl3SOSUACgkQKpJZkldk
SvoLBA/5AQzBObw52YdziakKGtw/HQvan7IkShmTTezpNtaFAMlfbVS8hW9UDmuN
qHM8gO/LTGQyONx4VUjql7u9EVyVn6K9x1U3hmzzAoIfuHDk5+XxwlvrjYVun8lO
+w8H/OfHfTZEVdRhthVfkT2F3yDSAP4B45Aw+013IQ/YaAo/vAUDWOV05Ey5PnsI
HmgCSP1yaNRuEtC6RKNKWjZz8P9KV35qyL8vutifpW/sEL7qHQXFQ9Z5y566+Xp8
cxtItFqEGylCS2kwbNsnldrjO5Xu+LR7qWWpy4a9oJdzI1L9YbLV+iTBuDqmwiwh
hTfPzE1k9mYbJKkTe1bsk5QmmPydD9FD+Zq/YRVmlja5VzlpYtfS7pmR9xTbcI9o
cgKrDWG+7b7NDekFczrH2BMivRlFd+HHCMbNTEy3jFkcyDBTdy1m415K3zH/Otq1
h7c7NUVYEQmUl+Btncct/wtLs3wlw6ZCOB1qn0aNaaRIWq7PVCI2sgg+QDfsCz1g
+xDurvGc9G6V7vYwwisTu7OxwGJmGeP6qHzOICESWO7U+gktU8a5JtpdlJIBIvC1
YVQQ6x8uVc9qeRAs1dADEeOZru1fAN+GMBDdcPb0hTCVgV2R1LrhMw80jDHmofUN
spfvO8VLRy/BZVDItVVVqaF9ARHFkjYlk7dYbW6DkVMkp9FiAgE=
=pIcA
-----END PGP SIGNATURE-----
Reply to: