Bug#947172: buster-pu: package npm/5.8.0+ds6-4+deb10u1

To: Xavier Guimard <yadd@debian.org>, 947172@bugs.debian.org
Subject: Bug#947172: buster-pu: package npm/5.8.0+ds6-4+deb10u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 25 Apr 2020 20:09:16 +0100
Message-id: <[🔎] 7cfed6a08f3cf239e20de48d5b75ba31cba9c151.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 947172@bugs.debian.org
In-reply-to: <157702046721.3220567.237022524476693513.reportbug@deb007.xnr.fr>
References: <157702046721.3220567.237022524476693513.reportbug@deb007.xnr.fr> <157702046721.3220567.237022524476693513.reportbug@deb007.xnr.fr>

Control: tags -1 + confirmed

On Sun, 2019-12-22 at 14:14 +0100, Xavier Guimard wrote:
> npm is vulnerable to some CVEs (CVE-2019-16775, CVE-2019-16776,
> CVE-2019-16777). This patch groups patches from differents sub
> modules affected and add a new module (npm-normalize-package-bin
> package) used by these fixes.
> 

Sorry for the delay. Please go ahead.

Regards,

Adam

Reply to:

Prev by Date: Processed: Re: Bug#948333: buster-pu: package frr/6.0.2-2
Next by Date: Processed: Re: Bug#947172: buster-pu: package npm/5.8.0+ds6-4+deb10u1
Previous by thread: Bug#948333: buster-pu: package frr/6.0.2-2
Next by thread: Processed: Re: Bug#947172: buster-pu: package npm/5.8.0+ds6-4+deb10u1
Index(es):
- Date
- Thread