[Git][security-tracker-team/security-tracker][master] CVE-2021-44906/node-minimist: stretch end-of-life
Sylvain Beucler (@beuc)
beuc at debian.org
Thu Mar 31 09:34:45 BST 2022
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1a73898b by Sylvain Beucler at 2022-03-31T10:34:22+02:00
CVE-2021-44906/node-minimist: stretch end-of-life
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -22481,6 +22481,7 @@ CVE-2021-44906 (Minimist <=1.2.5 is vulnerable to Prototype Pollution via fil
- node-minimist 1.2.6+~cs5.3.2-1
[bullseye] - node-minimist <no-dsa> (Minor issue)
[buster] - node-minimist <no-dsa> (Minor issue)
+ [stretch] - node-minimist <end-of-life> (Nodejs in stretch not covered by security support)
NOTE: https://github.com/substack/minimist/issues/164
NOTE: https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
NOTE: The initial fix for prototype pollution (cf. SNYK-JS-MINIMIST-559764) in setKey()
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a73898b859cfc84531eeac31468c91e06301cad
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a73898b859cfc84531eeac31468c91e06301cad
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220331/bc652d9d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list