[Git][security-tracker-team/security-tracker][master] nodejs fixed

Moritz Muehlenhoff jmm at debian.org
Wed Sep 11 11:26:14 BST 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
624e5151 by Moritz Muehlenhoff at 2019-09-11T10:25:56Z
nodejs fixed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -20613,7 +20613,7 @@ CVE-2019-9514 (Some HTTP/2 implementations are vulnerable to a reset flood, pote
 	- golang <removed>
 	[jessie] - golang <not-affected> (No HTTP2 support yet)
 	- golang-golang-x-net-dev 1:0.0+git20190811.74dc4d7+dfsg-1
-	- nodejs <unfixed> (bug #934885)
+	- nodejs 10.16.3~dfsg-1 (bug #934885)
 	[stretch] - nodejs <not-affected> (No HTTP2 support yet)
 	[jessie] - nodejs <not-affected> (No HTTP2 support yet)
 	- trafficserver 8.0.5+ds-1 (bug #934887)
@@ -20631,7 +20631,7 @@ CVE-2019-9513 (Some HTTP/2 implementations are vulnerable to resource loops, pot
 	{DSA-4511-1 DSA-4505-1}
 	- nginx 1.14.2-3 (bug #935037)
 	[jessie] - nginx <not-affected> (HTTP2 support only exists since version 1.9.5)
-	- nodejs <unfixed> (bug #934885)
+	- nodejs 10.16.3~dfsg-1 (bug #934885)
 	[stretch] - nodejs <not-affected> (No HTTP2 support yet)
 	[jessie] - nodejs <not-affected> (No HTTP2 support yet)
 	- nghttp2 1.39.2-1
@@ -20666,7 +20666,7 @@ CVE-2019-9511 (Some HTTP/2 implementations are vulnerable to window size manipul
 	{DSA-4511-1 DSA-4505-1}
 	- nginx 1.14.2-3 (bug #935037)
 	[jessie] - nginx <not-affected> (HTTP2 support only exists since version 1.9.5)
-	- nodejs <unfixed> (bug #934885)
+	- nodejs 10.16.3~dfsg-1 (bug #934885)
 	[stretch] - nodejs <not-affected> (No HTTP2 support yet)
 	[jessie] - nodejs <not-affected> (No HTTP2 support yet)
 	- nghttp2 1.39.2-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/624e5151be54ba2ed09631f4f718a0d3792bdfd8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/624e5151be54ba2ed09631f4f718a0d3792bdfd8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190911/220feacb/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list