[Git][security-tracker-team/security-tracker][master] node-loader-utils fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Nov 14 11:20:10 GMT 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f718a129 by Moritz Muehlenhoff at 2022-11-14T12:19:43+01:00
node-loader-utils fixed in sid
fix typo
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -22485,7 +22485,7 @@ CVE-2022-37601 (Prototype pollution vulnerability in function parseQuery in pars
CVE-2022-37600
RESERVED
CVE-2022-37599 (A Regular expression denial of service (ReDoS) flaw was found in Funct ...)
- - node-loader-utils <unfixed>
+ - node-loader-utils 2.0.4-1
NOTE: https://github.com/webpack/loader-utils/issues/211
CVE-2022-37598 (Prototype pollution vulnerability in function DEFNODE in ast.js in mis ...)
- uglify-js <unfixed> (unimportant)
@@ -45379,8 +45379,8 @@ CVE-2022-29404 (In Apache HTTP Server 2.4.53 and earlier, a malicious request to
NOTE: https://github.com/apache/httpd/commit/ce259c4061905bf834f9af51c92456cfe8335ddc
CVE-2022-1381 (global heap buffer overflow in skip_range in GitHub repository vim/vim ...)
- vim 2:8.2.4793-1
- [bullseye] - vim <not-affected> (affects visual range prasing, which was added in 8.2.4633)
- [buster] - vim <not-affected> (affects visual range prasing, which was added in 8.2.4633)
+ [bullseye] - vim <not-affected> (affects visual range parsing, which was added in 8.2.4633)
+ [buster] - vim <not-affected> (affects visual range parsing, which was added in 8.2.4633)
NOTE: https://huntr.dev/bounties/55f9c0e8-c221-48b6-a00e-bdcaebaba4a4/
NOTE: https://github.com/vim/vim/commit/f50808ed135ab973296bca515ae4029b321afe47 (v8.2.4763)
CVE-2022-29403
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f718a1291a83a955dd17767752ad9a84682de74c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f718a1291a83a955dd17767752ad9a84682de74c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221114/97f2dc4a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list