subject:"Bug#1014571\: bullseye\-pu\: package node\-log4js\/6.3.0\+\~cs8.3.10\-1\+deb11u1"

Processed: Re: Bug#1014571: bullseye-pu: package node-log4js/6.3.0+~cs8.3.10-1+deb11u1

2022-08-06 Thread Debian Bug Tracking System

Processing control commands: > tags -1 + confirmed Bug #1014571 [release.debian.org] bullseye-pu: package node-log4js/6.3.0+~cs8.3.10-1+deb11u1 Added tag(s) confirmed. -- 1014571: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014571 Debian Bug Tracking System Contact ow...@bugs.debian.org

Bug#1014571: bullseye-pu: package node-log4js/6.3.0+~cs8.3.10-1+deb11u1

2022-08-06 Thread Adam D. Barratt

Control: tags -1 + confirmed On Fri, 2022-07-08 at 07:49 +0200, Yadd wrote: > node-log4js creates log files with permissive rights (644). This > causes > a security issue (CVE-2022-21704) > Please go ahead. Regards, Adam

Bug#1014571: bullseye-pu: package node-log4js/6.3.0+~cs8.3.10-1+deb11u1

2022-07-07 Thread Yadd

Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu [ Reason ] node-log4js creates log files with permissive rights (644). This causes a security issue (CVE-2022-21704) [ Impact ] Medium vulnerability [ Tests ] Test passed [