-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : dojo Version : 1.10.2+dfsg-1+deb8u1 CVE ID : CVE-2018-15494 Debian Bug : #906540
It was discovered that there was a string injection vulnerability in the "dojo" Javascript library. For Debian 8 "Jessie", this issue has been fixed in dojo version 1.10.2+dfsg-1+deb8u1 by Abhijith PA. We recommend that you upgrade your dojo packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAluM55MACgkQHpU+J9Qx HljW0g//Rb9amaKVT0tNpkzhkIHWzzGvDq4qOu7C0063LJoNUlMzjN2NVKE1Gand Bw5W/ro1OqaHvbdas12IVnw1K/XtTKn8fD0LogLuOSrdEzyTBJdnqm1f29c1JClx 8TtO32SCtk8BiDC/TzSCqojVWbPhUdvTHGG1rCH6/l0jGvU3WnXfAaEQHAk62DLR fLgXHIPETK8crZb9EgCYbK/+PnJXHM5SKuhU3obUSvsNQByWdIPb7itJRRF/+1Ov n9gCwG4cQNi2Y8+76FfQQdELNDziZDPrpVb0CioI7Rdk5/pmaFwqohYtu4cPSfTa 63GnnRQHnbKfE7C0Y1uIHFJD9cvgNbbNouFLsKPwQJEkUuCTVI1uScZfrsqRva1z v2T/Gzk1jKWV5gUGHJNzQ0bslCWcKrPr/5eNJ8pOuRA0y3uesb9Xs2REUdq2Nuk2 NPuJ/AWZyAQMVbi7ifYLVpUJktF5OcurjkYZ3YAvn72dM6YjNABjsC19b+FbH3rw JyB374xclswNGC+HBfQNihYRtVEd6ucaTd218HMxtNMs5pD3l2R4vjIHNTRg9Ta/ 2IkRWFJ6uRkb97FaEZQLkou0CgPVOc5Y1NGYf82uAu1t2O3GSv6VciXhQonBp40+ 7xDluCZEbTDDQHaRq2gLiAhNIAo82Ka25X4YCayNN89qFu/ChMg= =9d0p -----END PGP SIGNATURE-----