[Git][security-tracker-team/security-tracker][master] CVE-2024-12905/node-tar-fs: follow secteam triage
Sylvain Beucler (@beuc)
gitlab at salsa.debian.org
Thu Apr 10 11:07:59 BST 2025
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
51f598ae by Sylvain Beucler at 2025-04-10T12:07:52+02:00
CVE-2024-12905/node-tar-fs: follow secteam triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5729,6 +5729,7 @@ CVE-2024-55070 (A Broken Object Level Authorization vulnerability in the compone
CVE-2024-12905 (An Improper Link Resolution Before File Access ("Link Following") and ...)
- node-tar-fs 3.0.8+~cs2.0.4-1 (bug #1101501)
[bookworm] - node-tar-fs <no-dsa> (Minor issue)
+ [bullseye] - node-tar-fs <postponed> (Minor issue)
NOTE: https://github.com/advisories/GHSA-pq67-2wwv-3xjx
NOTE: https://github.com/mafintosh/tar-fs/commit/fd1634e869e7c5f85948e95eabdaa8451a085de5 (v2.1.2)
NOTE: https://github.com/mafintosh/tar-fs/commit/a1dd7e7c7f4b4a8bd2ab60f513baca573b44e2ed (v3.0.7)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51f598aea392031300f6a0a919f7d4cdaf6cbb7f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51f598aea392031300f6a0a919f7d4cdaf6cbb7f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250410/83c7f355/attachment.htm>
More information about the debian-security-tracker-commits
mailing list