Re: NodeJS Security

To: Sven Buesing <s.buesing@babiel.com>
Cc: "'debian-security-tracker@lists.debian.org'" <debian-security-tracker@lists.debian.org>
Subject: Re: NodeJS Security
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 15 Jun 2016 16:41:43 +0200
Message-id: <[🔎] 20160615144143.GA7903@eldamar.local>
Mail-followup-to: Sven Buesing <s.buesing@babiel.com>, "'debian-security-tracker@lists.debian.org'" <debian-security-tracker@lists.debian.org>
In-reply-to: <[🔎] CE28908D9E6335429B9D7F257075114E3F7F7132@s015011.office.babiel.com>
References: <[🔎] CE28908D9E6335429B9D7F257075114E3F7F7132@s015011.office.babiel.com>

Hi Sven,

On Wed, Jun 15, 2016 at 02:08:17PM +0000, Sven Buesing wrote:
> Dear Debian Security-Team,
> 
> Are you going to address the following issues in nodejs for jessie
> (CVE-2016-2107, CVE-2016-2105, CVE-2016-0705, CVE-2016-0702)? For more
> information see below.

I'm afraid, but nodejs and lib8-3.14 related packages are not
supported security-wise. See for that the explanation in the release
notes at
https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#libv8

Regards,
Salvatore

Reply to:

References:
- NodeJS Security
  - From: Sven Buesing <s.buesing@babiel.com>

Prev by Date: NodeJS Security
Next by Date: External check
Previous by thread: NodeJS Security
Index(es):
- Date
- Thread