[Git][security-tracker-team/security-tracker][master] 2 commits: Track proposed update for node-dot via buster-pu

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cd83d413 by Salvatore Bonaccorso at 2020-03-21T10:25:57+01:00
Track proposed update for node-dot via buster-pu

- - - - -
64b24e5c by Salvatore Bonaccorso at 2020-03-21T10:26:31+01:00
Mark CVE-2020-8141/node-dot

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -5938,6 +5938,7 @@ CVE-2020-8142
 	RESERVED
 CVE-2020-8141 (The dot package v1.1.2 uses Function() to compile templates. This can  ...)
 	- node-dot 1.1.3+ds-1
+	[buster] - node-dot <no-dsa> (Will be fixed via point release)
 	NOTE: https://hackerone.com/reports/390929
 CVE-2020-8140 (A code injection in Nextcloud Desktop Client 2.6.2 for macOS allowed t ...)
 	TODO: check


=====================================
data/next-point-update.txt
=====================================
@@ -53,3 +53,5 @@ CVE-2020-9543
 	[buster] - manila 1:7.0.0-1+deb10u1
 CVE-2019-13453
 	[buster] - zipios++ 0.1.5.9+cvs.2007.04.28-10+deb10u1
+CVE-2020-8141
+	[buster] - node-dot 1.1.1-1+deb10u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/07fa609c26f6879dc58e94bad08e691dc8645c1c...64b24e5c2ffebff9497c33b905a00637b702e1b1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/07fa609c26f6879dc58e94bad08e691dc8645c1c...64b24e5c2ffebff9497c33b905a00637b702e1b1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200321/2547ed51/attachment.html>