[Git][security-tracker-team/security-tracker][master] Triage CVE-2022-21227 in node-sqlite3 for stretch LTS.
Chris Lamb (@lamby)
lamby at debian.org
Sun May 1 17:22:05 BST 2022
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
16bc350e by Chris Lamb at 2022-05-01T09:21:33-07:00
Triage CVE-2022-21227 in node-sqlite3 for stretch LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11365,6 +11365,7 @@ CVE-2022-21230
CVE-2022-21227 [Denial-of-Service due to fatal error when binding invalid parameters]
RESERVED
- node-sqlite3 5.0.6+ds1-1
+ [stretch] - node-sqlite3 <end-of-life> (Nodejs in stretch not covered by security support)
NOTE: https://github.com/advisories/GHSA-9qrh-qjmc-5w2p
NOTE: Fixed by: https://github.com/TryGhost/node-sqlite3/commit/593c9d498be2510d286349134537e3bf89401c4a (v5.0.3)
NOTE: https://security.snyk.io/vuln/SNYK-JS-SQLITE3-2388645
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16bc350e154722f988cc8b811f8214aab9b05956
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16bc350e154722f988cc8b811f8214aab9b05956
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220501/5d1ad922/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list