Bug#1108866: unblock: node-tar-fs/3.0.9+~cs2.0.4-1

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1108866: unblock: node-tar-fs/3.0.9+~cs2.0.4-1
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 06 Jul 2025 15:57:27 +0200
Message-id: <[🔎] 175181024763.3499880.4282457242897464921.reportbug@eldamar.lan>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 1108866@bugs.debian.org

Package: release.debian.org
Severity: normal
X-Debbugs-Cc: node-tar-fs@packages.debian.org, Yadd <yadd@debian.org>, team@security.debian.org, carnil@debian.org
Control: affects -1 + src:node-tar-fs
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi Yadd, hi release team

node-tar-fs in trixie in vulnerable to CVE-2025-48387. The version
uploaded to unstable, node-tar-fs/3.0.9+~cs2.0.4-1 fixes the issue,
ubt cannot migrate automatically as it is a key package.

Yadd, was is your take on it? 

Regards,
Salvatore

Reply to:

Follow-Ups:
- Processed: unblock: node-tar-fs/3.0.9+~cs2.0.4-1
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>
- Bug#1108866: unblock: node-tar-fs/3.0.9+~cs2.0.4-1
  - From: Yadd <yadd@debian.org>
- Bug#1108866: marked as done (unblock: node-tar-fs/3.0.9+~cs2.0.4-1)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Processed: unblock: node-tar-fs/3.0.9+~cs2.0.4-1
Next by Date: Bug#1108867: unblock: php8.4/8.4.10-1
Previous by thread: Bug#1108865: marked as done (unblock: mediawiki/1:1.43.3+dfsg-1)
Next by thread: Processed: unblock: node-tar-fs/3.0.9+~cs2.0.4-1
Index(es):
- Date
- Thread