On Sun, Feb 18, 2018 at 2:59 AM, Thorsten Alteholz wrote: > Other javascript libraries like libjs-* and *.js even don't get a CVE. So > either they are secure or nobody cares. We also miss out on some JS vulnerabilities because NodeSecurity don't systematically participate in the CVE system and we don't systematically import their issues. https://nodesecurity.io/advisories -- bye, pabs https://wiki.debian.org/PaulWise