[Secure-testing-commits] r39979 - data/CVE

[Paul Wise]

Author: pabs
Date: 2016-02-27 09:56:11 +0000 (Sat, 27 Feb 2016)
New Revision: 39979

Modified:
   data/CVE/list
Log:
regex DoS in node-moment

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-02-27 09:51:13 UTC (rev 39978)
+++ data/CVE/list	2016-02-27 09:56:11 UTC (rev 39979)
@@ -1,3 +1,8 @@
+CVE-2016-XXXX [regular expression DoS]
+	- node-moment <unfixed>
+	NOTE: fixed in 2.11.2
+	NOTE: https://github.com/moment/moment/pull/2939
+	NOTE: https://nodesecurity.io/advisories/55
 CVE-2016-XXXX [runuser tty hijacking via TIOCSTI ioctl]
 	- util-linux <unfixed> (bug #815922)
 	[wheezy] - util-linux <not-affected> (runuser[.c] not yet present)