Bug#980857: buster-pu: package highlight.js/9.12.0+dfsg1-4+deb10u1

To: Thorsten Alteholz <debian@alteholz.de>, 980857@bugs.debian.org
Subject: Bug#980857: buster-pu: package highlight.js/9.12.0+dfsg1-4+deb10u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 30 Jan 2021 14:57:24 +0000
Message-id: <[🔎] 1abc1c975d5619f356b3106f2709149813f01a47.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 980857@bugs.debian.org
In-reply-to: <alpine.DEB.2.21.2101230827360.1177@postfach.intern.alteholz.me>
References: <alpine.DEB.2.21.2101230827360.1177@postfach.intern.alteholz.me> <alpine.DEB.2.21.2101230827360.1177@postfach.intern.alteholz.me>

Control: tags -1 + confirmed

For some reason, the initial request here doesn't seem to have made it
to the debian-release list.

On Sat, 2021-01-23 at 08:32 +0000, Thorsten Alteholz wrote:
> The attached debdiff for highlight.js fixes CVE-2020-26237 in Buster.
> 
> Meanwhile it is marked as no-dsa by the security team.
> 
> The same fix is already applied to 9.18.1+dfsg1-3, which was uploaded
> to unstable  in December and no regression showed up.

Please go ahead.

Regards,

Adam

Reply to:

Prev by Date: Processed: Re: buster-pu: package highlight.js/9.12.0+dfsg1-4+deb10u1
Next by Date: Processed: tagging 962672
Previous by thread: Processed: tagging 980402
Next by thread: Processed: Re: buster-pu: package highlight.js/9.12.0+dfsg1-4+deb10u1
Index(es):
- Date
- Thread