[Git][security-tracker-team/security-tracker][master] Reserve DLA-3247-1 for node-trim-newlines

Fri Dec 23 08:55:29 GMT 2022


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d5590d83 by Chris Lamb at 2022-12-23T08:54:59+00:00
Reserve DLA-3247-1 for node-trim-newlines

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -115075,7 +115075,6 @@ CVE-2021-33624 (In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a b
 CVE-2021-33623 (The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.j ...)
 	- node-trim-newlines 3.0.0+~3.0.0-1
 	[bullseye] - node-trim-newlines 3.0.0-1+deb11u1
-	[buster] - node-trim-newlines <no-dsa> (Minor issue)
 	[stretch] - node-trim-newlines <end-of-life> (Nodejs in stretch not covered by security support)
 	NOTE: https://github.com/advisories/GHSA-7p7h-4mm5-852v
 	NOTE: https://github.com/sindresorhus/trim-newlines/commit/25246c6ce5eea1c82d448998733a6302a4350d91 (v4.0.1)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[23 Dec 2022] DLA-3247-1 node-trim-newlines - security update
+	{CVE-2021-33623}
+	[buster] - node-trim-newlines 1.0.0-1+deb10u1
 [23 Dec 2022] DLA-3246-1 node-hawk - security update
 	{CVE-2022-29167}
 	[buster] - node-hawk 6.0.1+dfsg-1+deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -182,10 +182,6 @@ node-object-path
   NOTE: 20221111: Follow fixes from bullseye 11.1 (Beuc/front-desk)
   NOTE: 20221223: Functional part of CVE-2021-3805 might be https://gist.github.com/lamby/ebf0633837f16d174138bbf36bef38f3/raw (lamby)
 --
-node-trim-newlines (Chris Lamb)
-  NOTE: 20221111: Programming language: JavaScript.
-  NOTE: 20221111: Follow fixes from bullseye 11.3 (Beuc/front-desk)
---
 node-url-parse
   NOTE: 20221111: Programming language: JavaScript.
   NOTE: 20221111: Follow fixes from bullseye 11.4 + check postponed issues (Beuc/front-desk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5590d836d03432d5a67c83a6d812156bd711c37

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5590d836d03432d5a67c83a6d812156bd711c37
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221223/8ddeec2d/attachment-0001.htm>
