Bug#994828: bullseye-pu: package node-prismjs/1.23.0+dfsg-1+deb11u1

To: Yadd <yadd@debian.org>, 994828@bugs.debian.org
Subject: Bug#994828: bullseye-pu: package node-prismjs/1.23.0+dfsg-1+deb11u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Thu, 30 Sep 2021 19:58:31 +0100
Message-id: <[🔎] 25a80a0c014b0ef25951c8925465b475e89830d1.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 994828@bugs.debian.org
In-reply-to: <[🔎] 163222858621.689189.11515923024734546075.reportbug@deb007.xnr.fr>
References: <[🔎] 163222858621.689189.11515923024734546075.reportbug@deb007.xnr.fr> <[🔎] 163222858621.689189.11515923024734546075.reportbug@deb007.xnr.fr>

Control: tags -1 + moreinfo

On Tue, 2021-09-21 at 14:49 +0200, Yadd wrote:
> node-prismjs is vulnerable to a Regex Denial of Service (ReDoS)
> (CVE-2021-40438)
> 

According to the Security Tracker, that's an Apache mod-proxy issue.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#994828: bullseye-pu: package node-prismjs/1.23.0+dfsg-1+deb11u1
  - From: Salvatore Bonaccorso <carnil@debian.org>

References:
- Bug#994828: bullseye-pu: package node-prismjs/1.23.0+dfsg-1+deb11u1
  - From: Yadd <yadd@debian.org>

Prev by Date: Processed: Re: Bug#994861: bullseye-pu: package node-ansi-regex/5.0.1-1~deb11u1
Next by Date: NEW changes in stable-new
Previous by thread: Bug#994828: bullseye-pu: package node-prismjs/1.23.0+dfsg-1+deb11u1
Next by thread: Bug#994828: bullseye-pu: package node-prismjs/1.23.0+dfsg-1+deb11u1
Index(es):
- Date
- Thread