Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 9987a9ec by Moritz Mühlenhoff at 2022-12-04T21:31:30+01:00 two more node spu - - - - - 2 changed files: - data/CVE/list - data/next-point-update.txt Changes: ===================================== data/CVE/list ===================================== @@ -50296,6 +50296,7 @@ CVE-2022-29168 (Wire is a secure messaging application. Wire is vulnerable to ar NOT-FOR-US: wire-webapp CVE-2022-29167 (Hawk is an HTTP authentication scheme providing mechanisms for making ...) - node-hawk 9.0.1-1 + [bullseye] - node-hawk <no-dsa> (Minor issue) NOTE: https://github.com/mozilla/hawk/security/advisories/GHSA-44pw-h2cw-w3vq NOTE: https://github.com/mozilla/hawk/pull/286 NOTE: https://github.com/mozilla/hawk/commit/ade134119bf1fdc4909d00f5a952c966f0075ad3 @@ -62373,6 +62374,7 @@ CVE-2022-25000 RESERVED CVE-2022-24999 (qs before 6.10.3, as used in Express before 4.17.3 and other products, ...) - node-qs 6.10.3+ds+~6.9.7-1 + [bullseye] - node-qs <no-dsa> (Minor issue) NOTE: https://github.com/ljharb/qs/pull/428 CVE-2022-24998 RESERVED ===================================== data/next-point-update.txt ===================================== @@ -160,3 +160,7 @@ CVE-2022-32088 [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 CVE-2022-38791 [bullseye] - mariadb-10.5 1:10.5.18-0+deb11u1 +CVE-2022-24999 + [bullseye] - node-qs 6.9.4+ds-1+deb11u1 +CVE-2022-29167 + [bullseye] - node-hawk 8.0.1+dfsg-2+deb11u1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9987a9ec494064e1f356fe9548050e3a9d75ffd3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9987a9ec494064e1f356fe9548050e3a9d75ffd3 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits