Package: node-connect Severity: serious Tags: security fixed-upstream The Node Security Project discovered an XSS vulnerability in the node connect module, please fix this bug by upgrading node-connect.
Vulnerable: <=2.8.0 Patched: >=2.8.1 Report: https://nodesecurity.io/advisories/methodOverride_Middleware_Reflected_Cross-Site_Scripting Upstream bug report: https://github.com/senchalabs/connect/issues/831 First fix: https://github.com/senchalabs/connect/commit/277e5aad6a95d00f55571a9a0e11f2fa190d8135 Second fix: https://github.com/senchalabs/connect/commit/126187c4e12162e231b87350740045e5bb06e93a -- bye, pabs http://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part