[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2021-27292/node-ua-parser-js
Salvatore Bonaccorso
carnil at debian.org
Sat Mar 20 07:37:29 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5fe19350 by Salvatore Bonaccorso at 2021-03-20T08:34:30+01:00
Add CVE-2021-27292/node-ua-parser-js
- - - - -
161af71f by Salvatore Bonaccorso at 2021-03-20T08:35:04+01:00
Mark CVE-2021-27292/node-ua-parser-js as no-dsa
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3731,7 +3731,10 @@ CVE-2021-27294
CVE-2021-27293
RESERVED
CVE-2021-27292 (ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression ...)
- TODO: check
+ - node-ua-parser-js <unfixed>
+ [buster] - node-ua-parser-js <no-dsa> (Minor issue)
+ NOTE: https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76
+ NOTE: https://github.com/faisalman/ua-parser-js/commit/809439e20e273ce0d25c1d04e111dcf6011eb566
CVE-2021-27291 (In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming ...)
{DLA-2600-1}
- pygments <unfixed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e48ca56626dadab04230471f51f7697e707ad1c2...161af71f5f9e667484d055d5a8d29b36c87cf401
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e48ca56626dadab04230471f51f7697e707ad1c2...161af71f5f9e667484d055d5a8d29b36c87cf401
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210320/0c495654/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list