Le 20/07/2019 à 22:23, Salvatore Bonaccorso a écrit : > Hi Xavier, > > On Sat, Jul 20, 2019 at 05:44:05PM +0200, Xavier wrote: >> Le 20/07/2019 à 06:32, Paolo Greppi a écrit : >>> Package: node-mixin-deep >>> Version: 1.1.3-3 >>> Severity: important >>> >>> Dear Maintainer, >>> >>> node-mixin-deep 1.1.3-3 is affected by a prototype pollution vulnerability: >>> https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212 >>> https://github.com/jonschlinkert/mixin-deep/issues/6 >>> >>> Please upgrade to either 1.3.2 or 2.0.1. >>> >>> Thanks, Paolo >> >> Hello, >> >> here is a proposed fix. > > Thanks for preparing a debdiff. Can you fix this via an upcoming point > release for buster? > > Regards, > Salvatore
Of course, thanks for your work !