[Git][security-tracker-team/security-tracker][master] 2 commits: new node-marked issue

Moritz Muehlenhoff jmm at debian.org
Sun Jun 10 15:58:15 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
10b5078d by Moritz Muehlenhoff at 2018-06-10T16:56:16+02:00
new node-marked issue
NFUs

- - - - -
0bb27dba by Moritz Muehlenhoff at 2018-06-10T16:58:02+02:00
Merge branch 'master' of salsa.debian.org:security-tracker-team/security-tracker

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -36160,15 +36160,16 @@ CVE-2017-16119 (Fresh is a module used by the Express.js framework for HTTP resp
 CVE-2017-16118 (The forwarded module is used by the Express.js framework to handle the ...)
 	TODO: check
 CVE-2017-16117 (slug is a module to slugify strings, even if they contain unicode. ...)
-	TODO: check
+	NOT-FOR-US: slug node module
 CVE-2017-16116 (The string module is a module that provides extra string operations. ...)
-	TODO: check
+	NOT-FOR-US: string node module
 CVE-2017-16115 (The timespan module is vulnerable to regular expression denial of ...)
-	TODO: check
+	NOT-FOR-US: timespane node module
 CVE-2017-16114 (The marked module is vulnerable to a regular expression denial of ...)
-	TODO: check
+	- node-marked 0.3.9+dfsg-1 (unimportant)
+	NOTE: https://nodesecurity.io/advisories/531
 CVE-2017-16113 (The parsejson module is vulnerable to regular expression denial of ...)
-	TODO: check
+	NOT-FOR-US: parsejson node module
 CVE-2017-16112
 	RESERVED
 CVE-2017-16111 (The content module is a module to parse HTTP Content-* headers. It is ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/2bfcde29777b8330cd6526a2d35483c48ec234f3...0bb27dbadd2cbb25c26b8d6a975008064b60c2c6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/2bfcde29777b8330cd6526a2d35483c48ec234f3...0bb27dbadd2cbb25c26b8d6a975008064b60c2c6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180610/8ac313d8/attachment.html>

More information about the debian-security-tracker-commits mailing list