Bug#927422: stretch-pu: package jquery/3.1.1-2+deb9u1

To: Xavier Guimard <yadd@debian.org>, 927422@bugs.debian.org
Subject: Bug#927422: stretch-pu: package jquery/3.1.1-2+deb9u1
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 20 Apr 2019 08:10:12 +0200
Message-id: <[🔎] 20190420061012.GA3683@eldamar.local>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 927422@bugs.debian.org
In-reply-to: <[🔎] 155567887662.11243.1899861581686399753.reportbug@mac-debian.lemonldap-ng.org>
References: <[🔎] 155567887662.11243.1899861581686399753.reportbug@mac-debian.lemonldap-ng.org> <[🔎] 155567887662.11243.1899861581686399753.reportbug@mac-debian.lemonldap-ng.org>

Hi,

On Fri, Apr 19, 2019 at 03:01:16PM +0200, Xavier Guimard wrote:
> Package: release.debian.org
> Severity: normal
> Tags: stretch
> User: release.debian.org@packages.debian.org
> Usertags: pu
> 
> Hi all,
> 
> I fixed https://snyk.io/vuln/SNYK-JS-JQUERY-174006 vulnerability for
> Buster. Here is the fix for Stretch. It just avoid Object.prototype
> pollution without chnaging behavior. Could you insert it in next stretch
> update ?

CVE-2019-11358 was assigned for the respective issue.

Regards,
Salvatore

Reply to:

Follow-Ups:
- Bug#927422: stretch-pu: package jquery/3.1.1-2+deb9u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Bug#927422: stretch-pu: package jquery/3.1.1-2+deb9u1
  - From: Xavier Guimard <yadd@debian.org>

Prev by Date: Bug#927437: unblock: openssl/1.1.1b-2
Next by Date: Bug#925296: marked as done (unblock: fusiondirectory/1.2.3-4)
Previous by thread: Bug#927422: stretch-pu: package jquery/3.1.1-2+deb9u1
Next by thread: Bug#927422: stretch-pu: package jquery/3.1.1-2+deb9u1
Index(es):
- Date
- Thread