[Pkg-javascript-devel] nodejs_12.22.12~dfsg-1~deb11u2_source.changes ACCEPTED into proposed-updates->stable-new

Debian FTP Masters ftpmaster at ftp-master.debian.org
Tue Jan 24 21:02:07 GMT 2023


Thank you for your contribution to Debian.

Mapping stable-security to proposed-updates.

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 07 Jan 2023 19:27:55 +0800
Source: nodejs
Architecture: source
Version: 12.22.12~dfsg-1~deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel at alioth-lists.debian.net>
Changed-By: Aron Xu <aron at debian.org>
Changes:
 nodejs (12.22.12~dfsg-1~deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Backport upstream fix for:
     - CVE-2022-32212, CVE-2022-43548: IsAllowedHost check bypass
     - CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35256: several HTTP
       Request Smuggling (HRS) in llhttp parser.
     - CVE-2022-35255: better randomness setup V8:EntropySource()
Checksums-Sha1:
 9661296cc3bb3c6529a2f7a5f0abee65fc837b58 3135 nodejs_12.22.12~dfsg-1~deb11u2.dsc
 e098113fab456f74d311bf77a086490351ecf37a 150420 nodejs_12.22.12~dfsg-1~deb11u2.debian.tar.xz
 e27da2fcb8ccde4348991d7c4f5d68471d7d9ad6 6969 nodejs_12.22.12~dfsg-1~deb11u2_source.buildinfo
Checksums-Sha256:
 cd02f25a886be794df8ab4941bebbc48247a866692d907a925b3502ba5f582c1 3135 nodejs_12.22.12~dfsg-1~deb11u2.dsc
 9ff180c488dc835abcd4ce26c9856f8a99c42029211c9cf786b46eeaf0968e9d 150420 nodejs_12.22.12~dfsg-1~deb11u2.debian.tar.xz
 d784fa93b7195886e2ae298ecd3653cb0a2ead5670eaec8db2d2c046b25ca231 6969 nodejs_12.22.12~dfsg-1~deb11u2_source.buildinfo
Files:
 b05f49f750f64d38d810003823c23c5d 3135 javascript optional nodejs_12.22.12~dfsg-1~deb11u2.dsc
 eb72460c512ef8bbcb9d60d72d9380c9 150420 javascript optional nodejs_12.22.12~dfsg-1~deb11u2.debian.tar.xz
 80160ffc878fafbcd91ffa246a52bfa9 6969 javascript optional nodejs_12.22.12~dfsg-1~deb11u2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmPIy8UACgkQO1LKKgqv
2VSGkAf/XykNp5UwiDqDFxiYieLhaTYYziF3SzGBesRzvH5onYHeaToJ97iau1Sn
jdcM8vx45A17nYjxxoHeHZyp96ZHXKDwTuJDeQ0yqFnbMfs0uOKU3aWGG8ZgEEjx
TpYhp9VvyVRKDEr6k0c8e+QD+1emmI3h8YFZFsfewK3S7gxNigAd1+hGFfN/1rtm
G3otKU1hV8wZz88/vtMihZzHmFmuuC3f2qoo+KOODBmOAxOjWHeuf9NFEyCXbp7a
vhng4WQMGue8pxpx4NGBk7lS1uQ+9rpQSeQHxzoRhDD0K8cVaol0A0MvHcqGRGLq
6I3TXBHvmnuWL8zB9V6LvHvhBXCc7A==
=jSGZ
-----END PGP SIGNATURE-----




More information about the Pkg-javascript-devel mailing list