Bug#927422: stretch-pu: package jquery/3.1.1-2+deb9u1

To: Salvatore Bonaccorso <carnil@debian.org>, 927422@bugs.debian.org, Xavier Guimard <yadd@debian.org>
Subject: Bug#927422: stretch-pu: package jquery/3.1.1-2+deb9u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 20 Apr 2019 11:23:26 +0100
Message-id: <[🔎] 1555755806.3187.24.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 927422@bugs.debian.org
In-reply-to: <[🔎] 20190420061012.GA3683@eldamar.local>
References: <[🔎] 155567887662.11243.1899861581686399753.reportbug@mac-debian.lemonldap-ng.org> <[🔎] 155567887662.11243.1899861581686399753.reportbug@mac-debian.lemonldap-ng.org> <[🔎] 20190420061012.GA3683@eldamar.local> <[🔎] 155567887662.11243.1899861581686399753.reportbug@mac-debian.lemonldap-ng.org>

Control: tags -1 + confirmed

On Sat, 2019-04-20 at 08:10 +0200, Salvatore Bonaccorso wrote:
> Hi,
> 
> On Fri, Apr 19, 2019 at 03:01:16PM +0200, Xavier Guimard wrote:
> > I fixed https://snyk.io/vuln/SNYK-JS-JQUERY-174006 vulnerability
> > for
> > Buster. Here is the fix for Stretch. It just avoid Object.prototype
> > pollution without chnaging behavior. Could you insert it in next
> > stretch
> > update ?
> 
> CVE-2019-11358 was assigned for the respective issue.

Please add that to the changelog and go ahead with the upload, bearing
in mind that the window for 9.9 closes during this weekend.

Regards,

Adam

Reply to:

References:
- Bug#927422: stretch-pu: package jquery/3.1.1-2+deb9u1
  - From: Xavier Guimard <yadd@debian.org>
- Bug#927422: stretch-pu: package jquery/3.1.1-2+deb9u1
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Bug#927378: stretch-pu: package node-superagent/0.20.0+dfsg-1+deb9u1
Next by Date: Processed: Re: Bug#927422: stretch-pu: package jquery/3.1.1-2+deb9u1
Previous by thread: Bug#927422: stretch-pu: package jquery/3.1.1-2+deb9u1
Next by thread: Processed: Re: Bug#927422: stretch-pu: package jquery/3.1.1-2+deb9u1
Index(es):
- Date
- Thread