[Git][security-tracker-team/security-tracker][master] node-tar-fs fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Jun 3 19:20:27 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
83ca3e8a by Moritz Muehlenhoff at 2025-06-03T20:19:33+02:00
node-tar-fs fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -140,7 +140,7 @@ CVE-2025-48495 (Gokapi is a self-hosted file sharing server with automatic expir
CVE-2025-48494 (Gokapi is a self-hosted file sharing server with automatic expiration ...)
NOT-FOR-US: Gokapi
CVE-2025-48387 (tar-fs provides filesystem bindings for tar-stream. Versions prior to ...)
- - node-tar-fs <unfixed>
+ - node-tar-fs 3.0.9+~cs2.0.4-1
NOTE: https://github.com/mafintosh/tar-fs/security/advisories/GHSA-8cj5-5rvv-wf4v
NOTE: Fixed by: https://github.com/mafintosh/tar-fs/commit/647447b572bc135c41035e82ca7b894f02b17f0f (v3.0.9)
CVE-2025-47585 (Missing Authorization vulnerability in Mage people team Booking and Re ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83ca3e8adb6cd2d27a89420915d238a2920e9c33
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83ca3e8adb6cd2d27a89420915d238a2920e9c33
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250603/9154f427/attachment.htm>
More information about the debian-security-tracker-commits
mailing list