node-public-encrypt (4.0.3-1) [PTS] [DDPO]

NEW: VCS has unreleased changes: 4.0.3-2 > 4.0.3-1

Git: https://salsa.debian.org/js-team/node-public-encrypt.git
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: master
Path: debian/changelog
Repo size: 131072
Browser: https://salsa.debian.org/js-team/node-public-encrypt
Last scan: 2025-03-31 07:42:06+00
Next scan: 2025-04-05 17:56:00+00
CI pipeline status: failed

Debian changelog in Git:

node-public-encrypt (4.0.3-2) unstable; urgency=high

  * Closes: #1100088:
    + fix unsupported RSA_PKCS1_PADDING error in decrypt tests

 -- Syeda Shagufta Naaz <syedashagufta.naaz@siemens.com> Tue, 11 Mar 2025 13:33:44 +0530

This branch is 2 commits ahead of tag debian/4.0.3-1

Git log:

commit 4d09d89a77a81ca5ba63b2fb2250c5e8470e71d2
Merge: 9bc72ae a6bedfe
Author: Jérémy Lal <kapouer@debian.org>
Date:   Thu Mar 13 00:32:07 2025 +0000

    Merge branch 'fix_RSA_PKCS1_PADDING' into 'master'
    
    handle unsupported RSA_PKCS1_PADDING error for private decryption
    
    See merge request js-team/node-public-encrypt!1

commit a6bedfec3cce55cc1067b48270d4179cdec825a1
Author: Syeda Shagufta Naaz <syedashagufta.naaz@siemens.com>
Date:   Tue Mar 11 13:10:46 2025 +0530

    handle unsupported RSA_PKCS1_PADDING error for private decryption
    
    Nodejs v18.20.4 and later versions have removed support for
    RSA_PKCS1_PADDING in private decryption to address the Marvin Attack
    vulnerability (CVE-2023-46809).
    
    Closes: #1100088
    
    Signed-off-by: Syeda Shagufta Naaz <syedashagufta.naaz@siemens.com>