package release.debian.org tags 947172 = buster pending thanks Hi,
The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details ============== Package: npm Version: 5.8.0+ds6-4+deb10u1 Explanation: fix arbitrary path access [CVE-2019-16775, CVE-2019-16776, CVE-2019-16777]