[Git][security-tracker-team/security-tracker][master] node-undici fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Apr 5 13:53:41 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a89342c3 by Moritz Muehlenhoff at 2024-04-05T14:53:15+02:00
node-undici fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -85,13 +85,13 @@ CVE-2024-30266 (wasmtime is a runtime for WebAssembly. The 19.0.0 release of Was
CVE-2024-30263 (macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. ...)
NOT-FOR-US: PDF Viewer Macro for XWiki
CVE-2024-30261 (Undici is an HTTP/1.1 client, written from scratch for Node.js. An att ...)
- - node-undici <unfixed>
+ - node-undici 5.28.4+dfsg1+~cs23.12.11-1
NOTE: https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672
NOTE: https://github.com/nodejs/undici/commit/2b39440bd9ded841c93dd72138f3b1763ae26055 (v5.28.4)
NOTE: https://github.com/nodejs/undici/commit/d542b8cd39ec1ba303f038ea26098c3f355974f3 (v6.11.1)
NOTE: https://hackerone.com/reports/2377760
CVE-2024-30260 (Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici ...)
- - node-undici <unfixed>
+ - node-undici 5.28.4+dfsg1+~cs23.12.11-1
NOTE: https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7
NOTE: https://github.com/nodejs/undici/commit/64e3402da4e032e68de46acb52800c9a06aaea3f (v5.28.4)
NOTE: https://github.com/nodejs/undici/commit/6805746680d27a5369d7fb67bc05f95a28247d75 (v6.11.1)
@@ -13216,7 +13216,7 @@ CVE-2024-25113
CVE-2024-25083 (An issue was discovered in BeyondTrust Privilege Management for Window ...)
NOT-FOR-US: BeyondTrust
CVE-2024-24758 (Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici ...)
- - node-undici <unfixed> (bug #1064312)
+ - node-undici 5.28.4+dfsg1+~cs23.12.11-1 (bug #1064312)
[bookworm] - node-undici <no-dsa> (Minor issue)
NOTE: https://github.com/nodejs/undici/security/advisories/GHSA-3787-6prv-h9w3
NOTE: https://github.com/nodejs/undici/commit/b9da3e40f1f096a06b4caedbb27c2568730434ef (v6.6.1)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a89342c36c8eb6085720538f1c760321b56aeff3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a89342c36c8eb6085720538f1c760321b56aeff3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240405/f43a2886/attachment.htm>
More information about the debian-security-tracker-commits
mailing list