[Pkg-javascript-devel] node-tar_6.0.5+ds1+~cs11.3.9-1+deb11u2_sourceonly.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

Debian FTP Masters ftpmaster at ftp-master.debian.org
Mon Nov 15 19:17:20 GMT 2021



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 11 Nov 2021 09:00:28 +0100
Source: node-tar
Architecture: source
Version: 6.0.5+ds1+~cs11.3.9-1+deb11u2
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel at lists.alioth.debian.org>
Changed-By: Yadd <yadd at debian.org>
Changes:
 node-tar (6.0.5+ds1+~cs11.3.9-1+deb11u2) bullseye-security; urgency=medium
 .
   * Team upload
   * Fix insufficient symlink protection (Closes: CVE-2021-37701)
   * Fix arbitrary file creation/overwrite and arbitrary code execution
     vulnerability (Closes: CVE-2021-37712)
   * Don't apply umask when uncompressing to avoid creating world writable
     directories
Checksums-Sha1: 
 1096e38cfb7681045c783c3ec02ba791508f258c 3602 node-tar_6.0.5+ds1+~cs11.3.9-1+deb11u2.dsc
 24db077a0a6c3c707c576aa218cc18adef0d34ac 35270 node-tar_6.0.5+ds1+~cs11.3.9.orig-fs-minipass.tar.gz
 601a95c4cb1d2976072c1720338de85757fc7a74 50240 node-tar_6.0.5+ds1+~cs11.3.9.orig-minipass.tar.gz
 516fc8a8b9661b375ecb00113f1c6165dd43b623 186712 node-tar_6.0.5+ds1+~cs11.3.9.orig-minizlib.tar.gz
 d680de60855e7778a51c672b755869a3b8d2889f 6436 node-tar_6.0.5+ds1+~cs11.3.9.orig-types-tar.tar.gz
 4584c124b9210e4e1db8dca5ec1a48da8ffd9c93 190376 node-tar_6.0.5+ds1+~cs11.3.9.orig.tar.gz
 0dc23bcb54e2d60eaba3fd1c20883a67425a6792 16412 node-tar_6.0.5+ds1+~cs11.3.9-1+deb11u2.debian.tar.xz
Checksums-Sha256: 
 13a20e64cdabf864fba437341d13d05ffb51358c1a345a0053c34a7e6543634e 3602 node-tar_6.0.5+ds1+~cs11.3.9-1+deb11u2.dsc
 83cf7dc113dacdbe3a2d05753edde01c37256cc97167ea5a8086ab85a78f2efd 35270 node-tar_6.0.5+ds1+~cs11.3.9.orig-fs-minipass.tar.gz
 496598d78b824ddb3116c4a4fe0123516b318eab820d0ee80cb892ef3ba0c4c9 50240 node-tar_6.0.5+ds1+~cs11.3.9.orig-minipass.tar.gz
 296f5e559312e7a4dd871e1cdad27d50d9d0518a548ae870dffb678ff2ecae7e 186712 node-tar_6.0.5+ds1+~cs11.3.9.orig-minizlib.tar.gz
 e59a412960136fd1b0a303a7284d849eec4de7658627083058c9caf1ebb28d03 6436 node-tar_6.0.5+ds1+~cs11.3.9.orig-types-tar.tar.gz
 042ca18da6d5dfc2c41aa0169abac8ae70497fb5b340c8fe5b71aa47705606d9 190376 node-tar_6.0.5+ds1+~cs11.3.9.orig.tar.gz
 9c7f680ad11f0162426f28fd194d099da73afda2b5925aa8ca8fc37326811113 16412 node-tar_6.0.5+ds1+~cs11.3.9-1+deb11u2.debian.tar.xz
Files: 
 065d86cdcd701735ee95ebba64457738 3602 javascript optional node-tar_6.0.5+ds1+~cs11.3.9-1+deb11u2.dsc
 4885211b9cf2f530a54e6a725cc9556f 35270 javascript optional node-tar_6.0.5+ds1+~cs11.3.9.orig-fs-minipass.tar.gz
 b49657e3714f92ab73a7deb5aca36f53 50240 javascript optional node-tar_6.0.5+ds1+~cs11.3.9.orig-minipass.tar.gz
 389dc4b3f49e5c28a485f2243aa021c6 186712 javascript optional node-tar_6.0.5+ds1+~cs11.3.9.orig-minizlib.tar.gz
 50edb82b89a507117b023acd19c4ba44 6436 javascript optional node-tar_6.0.5+ds1+~cs11.3.9.orig-types-tar.tar.gz
 9bab2016cc7ba17b4cf688ce8910bde2 190376 javascript optional node-tar_6.0.5+ds1+~cs11.3.9.orig.tar.gz
 3ed4e486e92bab65e7407f555c84ce9f 16412 javascript optional node-tar_6.0.5+ds1+~cs11.3.9-1+deb11u2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEAN/li4tVV3nRAF7J9tdMp8mZ7ukFAmGNUrYACgkQ9tdMp8mZ
7unx2w/+PCwLIMmPRg9hxkISpNOoqE06Cm4RhmwlNAkDd8LJedTz5nRhFxvQ/EvM
QsOSl1kAdrrfWSc/CNmMIL8RouKxue6s32m9sZ5QxHTrc1E7cTAHObA1u3URC0Bo
FbL4G5eAOJBtC2+IPbAOJBxFHh660rOmdtyxp6oxmD43nnHfSFB4qGBHijuyrnXQ
HOF+3FfV0lg66WY3vsMrLQdofuA5Js4Pr7ATlh/hzBJmsXcx9Sx8vTI1JQpCVkMe
BXmJSAIbgxyIexPnLRx+S33ONjNHEnJb3pwkUrbNhz1omoBvE4yy6mHT/hA2/E7y
ylohD+S0vjPb78HX7xH9WMs3Oid8ey7E+FU/PgwoowvppMfB0qBC95SkBQAmuPa/
3J8YcbatTlgrZc3IQNEda0dZ+dyiSOyru0Qmvn3jr3AmQLasiPUdzvRJdv38HkmW
EEI0cgpSj4bjAhk/8n/Olw3n2T23rKhp2YmTDQoSCUEtwBiiTDu5wlG2SihX6qRO
qfBs5Wv9qT7S4sWPWgfeFPsWVXBJ+cJYZ9wLf7v0dm6lvHyDan5CmtVCtmobfeBb
j9MjYm1T+FpnrWPO+M1tgb7fvGVL28MJKDDj90N0VXnsZR5OrJ1AQ60IRans/gFs
FmHkq/Ss2F9Kg3icm41d11mh1Mjb3K88CLN5s8Ou0myM/d7Lv3U=
=b4YF
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the Pkg-javascript-devel mailing list