[Git][security-tracker-team/security-tracker][master] node-markdown-it spu
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sat Jan 15 18:41:17 GMT 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1503764e by Moritz Mühlenhoff at 2022-01-15T19:40:54+01:00
node-markdown-it spu
- - - - -
2 changed files:
- data/CVE/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -10252,6 +10252,7 @@ CVE-2022-21671 (@replit/crosis is a JavaScript client that speaks Replit's conta
NOT-FOR-US: crosis
CVE-2022-21670 (markdown-it is a Markdown parser. Prior to version 1.3.2, special patt ...)
- node-markdown-it <unfixed>
+ [bullseye] - node-markdown-it <no-dsa> (Minor issue)
NOTE: https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6vfc-qv3f-vr6c
NOTE: https://github.com/markdown-it/markdown-it/commit/ffc49ab46b5b751cd2be0aabb146f2ef84986101 (12.3.2)
CVE-2022-21669 (PuddingBot is a group management bot. In version 0.0.6-b933652 and pri ...)
=====================================
data/next-point-update.txt
=====================================
@@ -34,3 +34,5 @@ CVE-2021-45116
[bullseye] - python-django 2:2.2.26-1~deb11u1
CVE-2021-45452
[bullseye] - python-django 2:2.2.26-1~deb11u1
+CVE-2022-21670
+ [bullseye] - node-markdown-it 10.0.0+dfsg-2+deb11u1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1503764e63cbd6e1354cd1871b0283e79e1d781a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1503764e63cbd6e1354cd1871b0283e79e1d781a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220115/08fe2c22/attachment.htm>
More information about the debian-security-tracker-commits
mailing list