Bug#930112: stretch-pu: package node-growl/1.7.0-1+deb9u1

To: Xavier Guimard <yadd@debian.org>, 930112@bugs.debian.org
Subject: Bug#930112: stretch-pu: package node-growl/1.7.0-1+deb9u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Thu, 22 Aug 2019 21:43:46 +0100
Message-id: <[🔎] fa162858a44df61aa49f179e8e953ffc261fd729.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 930112@bugs.debian.org
In-reply-to: <155990277223.7434.10657980828123273421.reportbug@mac-debian.lemonldap-ng.org>
References: <155990277223.7434.10657980828123273421.reportbug@mac-debian.lemonldap-ng.org> <155990277223.7434.10657980828123273421.reportbug@mac-debian.lemonldap-ng.org>

Control: tags -1 + confirmed

On Fri, 2019-06-07 at 12:19 +0200, Xavier Guimard wrote:
> node-growl in stretch is vulnerable to #900868 / CVE-2017-16042. I
> imported upstream patch and embedded the little shell-escape module.

None of this makes me happy, but I guess go for it...

Regards,

Adam

Reply to:

Prev by Date: Bug#906258: stretch-pu: package yubico-piv-tool/1.4.2-2
Next by Date: Processed: Re: Bug#930112: stretch-pu: package node-growl/1.7.0-1+deb9u1
Previous by thread: Bug#906258: stretch-pu: package yubico-piv-tool/1.4.2-2
Next by thread: Processed: Re: Bug#930112: stretch-pu: package node-growl/1.7.0-1+deb9u1
Index(es):
- Date
- Thread