[Git][security-tracker-team/security-tracker][master] Track proposed update for node-xmldom via bullseye-pu
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 24 10:40:21 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d4ebd871 by Salvatore Bonaccorso at 2022-11-24T11:39:52+01:00
Track proposed update for node-xmldom via bullseye-pu
- - - - -
2 changed files:
- data/CVE/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -19566,6 +19566,7 @@ CVE-2022-39354 (SputnikVM, also called evm, is a Rust implementation of Ethereum
NOT-FOR-US: Rust crate evm
CVE-2022-39353 (xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) ...)
- node-xmldom 0.8.6-1 (bug #1024736)
+ [bullseye] - node-xmldom <no-dsa> (Minor issue)
NOTE: https://github.com/xmldom/xmldom/security/advisories/GHSA-crh6-fp67-6883
NOTE: https://github.com/jindw/xmldom/issues/150
CVE-2022-39352 (OpenFGA is a high-performance authorization/permission engine inspired ...)
=====================================
data/next-point-update.txt
=====================================
@@ -66,3 +66,5 @@ CVE-2022-21689
[bullseye] - onionshare 2.2-3+deb11u1
CVE-2020-29260
[bullseye] - libvncserver 0.9.13+dfsg-2+deb11u1
+CVE-2022-39353
+ [bullseye] - node-xmldom 0.5.0-1+deb11u2
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4ebd87116ba93a5dd5d97af595606f155442497
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4ebd87116ba93a5dd5d97af595606f155442497
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221124/3b1b9627/attachment.htm>
More information about the debian-security-tracker-commits
mailing list