[Git][security-tracker-team/security-tracker][master] new javascript issues
Moritz Muehlenhoff
jmm at debian.org
Sat Jun 9 19:51:04 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f160324a by Moritz Muehlenhoff at 2018-06-09T20:50:43+02:00
new javascript issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -36712,11 +36712,12 @@ CVE-2016-10541 (The npm module "shell-quote" 1.6.0 and earlier cannot
CVE-2016-10540 (Minimatch is a minimal matching utility that works by converting glob ...)
TODO: check
CVE-2016-10539 (negotiator is an HTTP content negotiator for Node.js and is used by ...)
- TODO: check
+ - node-negotiator 0.6.1-1 (unimportant)
+ NOTE: nodejs not covered by security support
CVE-2016-10538 (The package `node-cli` before 1.0.0 insecurely uses the lock_file and ...)
- TODO: check
+ - node-cli <unfixed> (unimportant; bug #809252)
CVE-2016-10537 (backbone is a module that adds in structure to a JavaScript heavy ...)
- TODO: check
+ - backbone 0.5.3-1
CVE-2016-10536 (engine.io-client is the client for engine.io, the implementation of a ...)
TODO: check
CVE-2016-10535 (csrf-lite is a cross-site request forgery protection library for ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f160324a54c66ba5c5223a0b15325d95e98ef9a5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f160324a54c66ba5c5223a0b15325d95e98ef9a5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180609/75c1a63e/attachment.html>
More information about the debian-security-tracker-commits
mailing list