[Pkg-javascript-devel] Bug#800580: nodejs: CVE-2015-7384: HTTP Denial of Service Vulnerability
Jérémy Lal
kapouer at melix.org
Fri Oct 2 07:46:38 UTC 2015
2015-10-01 9:41 GMT+02:00 Salvatore Bonaccorso <carnil at debian.org>:
> Source: nodejs
> Version: 4.1.1~dfsg-2
> Severity: important
> Tags: security upstream
>
> Hi,
>
> the following CVE was published for nodejs on [0], but details and
> patches will by available on Monday the 5th of October 2015. But
> accordidng to upstrema 4.1.1 is affected, so filling this bug already.
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
Hi,
upstream is willing to coordinate the release of the fix, so i'll be able
to upload
a fixed version at about the same time as it is disclosed.
Jérémy.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-javascript-devel/attachments/20151002/3e100dc9/attachment.html>
More information about the Pkg-javascript-devel
mailing list