[Git][security-tracker-team/security-tracker][master] Triage CVE-2021-22959 in nodejs for stretch LTS.

Wed Oct 13 09:06:01 BST 2021


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2cf5a342 by Chris Lamb at 2021-10-13T09:05:30+01:00
Triage CVE-2021-22959 in nodejs for stretch LTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -46968,6 +46968,7 @@ CVE-2021-22960 [HTTP Request Smuggling when parsing the body]
 CVE-2021-22959 [HTTP Request Smuggling due to spaced in headers]
 	RESERVED
 	- nodejs <unfixed>
+	[stretch] - nodejs <end-of-life> (Nodejs in stretch not covered by security support)
 	NOTE: https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/#http-request-smuggling-due-to-spaced-in-headers-medium-cve-2021-22959
 CVE-2021-22958 (A Server-Side Request Forgery vulnerability was found in concrete5 &lt ...)
 	NOT-FOR-US: Concrete CMS



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2cf5a342c47b74aacad63f7bef7dbcd12fcdfc25

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2cf5a342c47b74aacad63f7bef7dbcd12fcdfc25
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211013/eb25ce4e/attachment.htm>
