[Pkg-javascript-devel] Bug#1105832: Followup question on CVE-2024-27982
Salvatore Bonaccorso
carnil at debian.org
Fri May 16 06:56:56 BST 2025
Hi Jeremy,
On Thu, May 15, 2025 at 10:50:34PM +0200, Jérémy Lal wrote:
> Also https://nodejs.org/en/blog/release/v20.19.2/
> mentions
> CVE-2024-27982 http: do not allow OBS fold in headers by default
Question on this one, this was already fixed in v18.20.1 and we did
got the fix included in 18.20.1+dfsg-1 correct? Did we lost the fix
afterwards?
Do we likely have other such problems (maybe from the april 2024
release CVEs)?
Regards,
Salvatore
More information about the Pkg-javascript-devel
mailing list