Bug#972903: buster-pu: package node-pathval/1.1.0-3+deb10u1

To: Xavier Guimard <yadd@debian.org>, 972903@bugs.debian.org
Subject: Bug#972903: buster-pu: package node-pathval/1.1.0-3+deb10u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Thu, 19 Nov 2020 20:22:45 +0000
Message-id: <[🔎] 5c7b084b428278587b70e2f094613ce19a396c06.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 972903@bugs.debian.org
In-reply-to: <160368417093.3955920.8563906041556516565.reportbug@deb007.xnr.fr>
References: <160368417093.3955920.8563906041556516565.reportbug@deb007.xnr.fr> <160368417093.3955920.8563906041556516565.reportbug@deb007.xnr.fr>

Control: tags -1 + confirmed

On Mon, 2020-10-26 at 04:49 +0100, Xavier Guimard wrote:
> node-pathval is vulnerable to a prototype pollution (CVE-2020-7751,
> #972895)
> 

Please go ahead.

Regards,

Adam

Reply to:

Prev by Date: Processed: Re: Bug#972903: buster-pu: package node-pathval/1.1.0-3+deb10u1
Next by Date: Bug#973706: buster-pu: package lttng-modules/2.10.8-1
Previous by thread: Processed: libjpeg-turbo 1.5.2-2+deb10u1 flagged for acceptance
Next by thread: Processed: Re: Bug#972903: buster-pu: package node-pathval/1.1.0-3+deb10u1
Index(es):
- Date
- Thread