[Git][security-tracker-team/security-tracker][master] Reserve DLA-3428-1 for node-nth-check

Bastien Roucariès (@rouca) rouca at debian.org
Sat May 20 22:02:20 BST 2023 


Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e938807f by Bastien Roucariès at 2023-05-20T21:01:59+00:00
Reserve DLA-3428-1 for node-nth-check

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -127269,7 +127269,6 @@ CVE-2021-41079 (Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1
 CVE-2021-3803 (nth-check is vulnerable to Inefficient Regular Expression Complexity)
 	- node-nth-check 2.0.1-1
 	[bullseye] - node-nth-check 2.0.0-1+deb11u1
-	[buster] - node-nth-check <no-dsa> (Minor issue)
 	[stretch] - node-nth-check <end-of-life> (Nodejs in stretch not covered by security support)
 	NOTE: https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726 (v2.0.1)
 	NOTE: https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0/


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[20 May 2023] DLA-3428-1 node-nth-check - security update
+	{CVE-2021-3803}
+	[buster] - node-nth-check 1.0.1-1+deb10u1
 [20 May 2023] DLA-3427-1 texlive-bin - security update
 	{CVE-2023-32700}
 	[buster] - texlive-bin 2018.20181218.49446-1+deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -97,12 +97,6 @@ node-got
   NOTE: 20221223: Module has been rewritten in Typescript since Buster released (lamby).
   NOTE: 20230206: VCS: https://salsa.debian.org/lts-team/packages/node-got.git
 --
-node-nth-check (rouca)
-  NOTE: 20221111: Programming language: JavaScript.
-  NOTE: 20221111: Follow fixes from bullseye 11.3 (Beuc/front-desk)
-  NOTE: 20221223: Module has been rewritten in Typescript since Buster released (lamby).
-  NOTE: 20230206: VCS: https://salsa.debian.org/lts-team/packages/node-nth-check.git
---
 nova
   NOTE: 20230302: Programming language: Python.
   NOTE: 20230302: VCS: https://salsa.debian.org/openstack-team/services/nova



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e938807f6a07844c7702a3e53c702c10e04f2492

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e938807f6a07844c7702a3e53c702c10e04f2492
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230520/f376441b/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list