Bug#1022122: bullseye-pu: package node-minimatch/3.0.4+~3.0.3-1+deb11u1
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian.org@packages.debian.org
Usertags: pu
[ Reason ]
node-minimatch is vulnerable to ReDoS
[ Impact ]
Medium security issue
[ Tests ]
New tests included in patch, passed
[ Risks ]
Low risk, patch is not so big and test passed
[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable
[ Changes ]
Improve ReDoS protection and add more tests
Cheers,
Yadd
Reply to: