On 6/1/23 13:44, Paul Gevers wrote:
control: tags -1 moreinfo
Hi Yadd,
On 29-05-2023 05:58, Yadd wrote:
On 5/28/23 10:29, Graham Inggs wrote:
On Wed, 3 May 2023 at 04:51, Yadd wrote:
How about reverting and providing a fix only for that CVE please?
instead of reverting and have a too long
Processing control commands:
> tags -1 moreinfo
Bug #1032994 [release.debian.org] bookworm-pu: package
node-webpack/5.75.0+dfsg+~cs17.16.14-1+deb12u1
Added tag(s) moreinfo.
--
1032994: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032994
Debian Bug Tracking System
Contact ow...@bugs.debian
control: tags -1 moreinfo
Hi Yadd,
On 29-05-2023 05:58, Yadd wrote:
On 5/28/23 10:29, Graham Inggs wrote:
On Wed, 3 May 2023 at 04:51, Yadd wrote:
How about reverting and providing a fix only for that CVE please?
instead of reverting and have a too long version
(5.76.1+dfsg1+~cs17.16.16+r
On 5/28/23 10:29, Graham Inggs wrote:
tags -1 + moreinfo
Hi Yadd
On Wed, 3 May 2023 at 04:51, Yadd wrote:
here is the current debdiff (without the big removal of useless
discoveryjs-json-ext/benchmarks)
I removed the moreinfo tag before realizing this is exactly the same
as the first debdif
tags -1 + moreinfo
Hi Yadd
On Wed, 3 May 2023 at 04:51, Yadd wrote:
> here is the current debdiff (without the big removal of useless
> discoveryjs-json-ext/benchmarks)
I removed the moreinfo tag before realizing this is exactly the same
as the first debdiff.
You seem to have missed this comme
On 5/2/23 23:26, Paul Gevers wrote:
Hi Yadd,
On 02-05-2023 10:15, Yadd wrote:
extracting only CVE patch means:
* keep some (unimportant) bugs in Bullseye
* publish such version number:
5.76.1+dfsg1+~cs17.16.16+really~5.75.0+dfsg+~cs17.16.14-1
Indeed, both are totally acceptable. Can w
Hi Yadd,
On 02-05-2023 10:15, Yadd wrote:
extracting only CVE patch means:
* keep some (unimportant) bugs in Bullseye
* publish such version number:
5.76.1+dfsg1+~cs17.16.16+really~5.75.0+dfsg+~cs17.16.14-1
Indeed, both are totally acceptable. Can we have a debdiff please?
Paul
Open
On 4/29/23 16:00, Salvatore Bonaccorso wrote:
Control: severity 1032904 serious
Hi Yadd,
On Wed, Mar 15, 2023 at 09:11:46PM +0100, Paul Gevers wrote:
Control: tags -1 moreinfo
Hi Yadd,
On 15-03-2023 13:38, Yadd wrote:
[ Reason ]
node-webpack is vulnerable to cross-realm object access
(#1032
Control: severity 1032904 serious
Hi Yadd,
On Wed, Mar 15, 2023 at 09:11:46PM +0100, Paul Gevers wrote:
> Control: tags -1 moreinfo
>
> Hi Yadd,
>
> On 15-03-2023 13:38, Yadd wrote:
> > [ Reason ]
> > node-webpack is vulnerable to cross-realm object access
> > (#1032904, CVE-2023-28154).
>
> T
Processing control commands:
> tags -1 moreinfo
Bug #1032994 [release.debian.org] unblock:
node-webpack/5.76.1+dfsg1+~cs17.16.16-1
Added tag(s) moreinfo.
--
1032994: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032994
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 moreinfo
Hi Yadd,
On 15-03-2023 13:38, Yadd wrote:
[ Reason ]
node-webpack is vulnerable to cross-realm object access
(#1032904, CVE-2023-28154).
This doesn't look like a targeted fix, but rather seems to include much
more.
How about reverting and providing a fix only for
On 3/15/23 16:38, Yadd wrote:
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: node-webp...@packages.debian.org
Control: affects -1 + src:node-webpack
Please unblock package node-webpack
[ Reason ]
node-webpack is vulnerab
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: node-webp...@packages.debian.org
Control: affects -1 + src:node-webpack
Please unblock package node-webpack
[ Reason ]
node-webpack is vulnerable to cross-realm object access
13 matches
Mail list logo
