[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2022-37601/node-loader-utils as no-dsa

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Nov 10 11:35:14 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9e2378e1 by Salvatore Bonaccorso at 2022-11-10T12:34:31+01:00
Mark CVE-2022-37601/node-loader-utils as no-dsa

- - - - -
b49f0984 by Salvatore Bonaccorso at 2022-11-10T12:34:50+01:00
Track proposed node-loader-utils update via bullseye-pu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -22166,6 +22166,7 @@ CVE-2022-37602 (Prototype pollution vulnerability in karma-runner grunt-karma 4.
 	NOT-FOR-US: karma-runner grunt-karma
 CVE-2022-37601 (Prototype pollution vulnerability in function parseQuery in parseQuery ...)
 	- node-loader-utils 2.0.3-1
+	[bullseye] - node-loader-utils <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://github.com/webpack/loader-utils/issues/212
 	NOTE: https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c (v2.0.3)
 CVE-2022-37600


=====================================
data/next-point-update.txt
=====================================
@@ -54,3 +54,5 @@ CVE-2022-2996
 	[bullseye] - python-scciclient 0.8.0-2+deb11u1
 CVE-2021-40241
 	[bullseye] - xfig 1:3.2.8-3+deb11u1
+CVE-2022-37601
+	[bullseye] - node-loader-utils 2.0.0-1+deb11u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1e284f7425b9ac6ec8e88447c2ad33042866931a...b49f09840c1104ea34fbe48dde73f0b6875f6e4a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1e284f7425b9ac6ec8e88447c2ad33042866931a...b49f09840c1104ea34fbe48dde73f0b6875f6e4a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221110/9cf2690d/attachment.htm>

More information about the debian-security-tracker-commits mailing list