[Pkg-javascript-devel] Bug#1039990: Bug#1039990: nodejs: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590
Jérémy Lal
kapouer at melix.org
Wed Jul 19 20:39:05 BST 2023
Le mer. 19 juil. 2023 à 14:18, Moritz Mühlenhoff <jmm at inutil.org> a écrit :
> Am Fri, Jun 30, 2023 at 08:12:37PM +0200 schrieb Jérémy Lal:
> > Hi,
> >
> > Le ven. 30 juin 2023 à 19:21, Salvatore Bonaccorso <carnil at debian.org> a
> > écrit :
> >
> > > Source: nodejs
> > > Version: 18.13.0+dfsg1-1
> > > Severity: important
> > > Tags: security upstream
> > > X-Debbugs-Cc: carnil at debian.org, Debian Security Team <
> > > team at security.debian.org>
> > >
> > > Hi,
> > >
> > > The following vulnerabilities were published for nodejs.
> > >
> > > CVE-2023-30581[0], CVE-2023-30588[1], CVE-2023-30589[2] and
> > > CVE-2023-30590[3].
> > >
> > >
> > > If you fix the vulnerabilities please also make sure to include the
> > > CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
> > >
> >
> > It would be interesting to know if we adopt the same plan we had with
> > security team:
> > full upstream updates in the same branch, 18.x here.
>
> Ack, let's do that. Could you prepare bookworm-security updates
> based on 18.17.0 (after it has landed in unstable)?
>
Will do.
Jérémy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-javascript-devel/attachments/20230719/854bb710/attachment.htm>
More information about the Pkg-javascript-devel
mailing list