[ubuntu/bionic-security] node-moment 2.20.1+ds-1ubuntu0.1 (Accepted)
Nishit Majithia
nishit.majithia at canonical.com
Wed Aug 10 12:03:01 UTC 2022
node-moment (2.20.1+ds-1ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Path traversal (LP: #1982617)
- debian/patches/CVE-2022-24785.patch: Avoid loading path-looking locales
from filesystem.
- CVE-2022-24785
* SECURITY UPDATE: Denial of service via very long date string (LP: #1982617)
- debian/patches/CVE-2022-31129.patch: Make a regular expression more
efficient.
- CVE-2022-31129
* debian/control: Add a build dependency on libjs-qunit.
* debian/rules: Add an override_dh_auto_test target that invokes
debian/run_test_suite.
* debian/run_test_suite: New file that invokes the upstream test suite.
Date: 2022-08-10 06:27:13.609389+00:00
Changed-By: Luís Cunha dos Reis Infante da Câmara <luis.infante.da.camara at tecnico.ulisboa.pt>
Signed-By: Nishit Majithia <nishit.majithia at canonical.com>
https://launchpad.net/ubuntu/+source/node-moment/2.20.1+ds-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list