[Pkg-javascript-devel] Bug#1107088: bookworm-pu: package twitter-bootstrap3/3.4.1+dfsg-3+deb12u2
Bastien Roucaries
rouca at debian.org
Sun Jun 1 14:56:01 BST 2025
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: twitter-bootstrap3 at packages.debian.org
Control: affects -1 + src:twitter-bootstrap3
User: release.debian.org at packages.debian.org
Usertags: pu
[ Reason ]
CVE-2025-1647
[ Impact ]
CVE-2025-1647 is not fixed. XSS attack
[ Tests ]
Manual test using PoC + yadd review
[ Risks ]
Low
[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable
[ Changes ]
CVE-2025-1647 patch
[ Other info ]
EOL upstream
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2.debdiff
Type: text/x-patch
Size: 4503 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-javascript-devel/attachments/20250601/88a33d4a/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://alioth-lists.debian.net/pipermail/pkg-javascript-devel/attachments/20250601/88a33d4a/attachment.sig>
More information about the Pkg-javascript-devel
mailing list