nodejs (20.15.1+dfsg-1)
[PTS] [DDPO]
OK: VCS matches the version in the archive
- Git: https://salsa.debian.org/js-team/nodejs.git -b master-20.x
-
- Branch: master-20.x
- Path: debian/changelog
- Repo size: 7983104
- Browser: https://salsa.debian.org/js-team/nodejs/tree/master-20.x
- Last scan: 2024-07-09 21:47:58+00
- Next scan: 2024-07-18 00:52:00+00
- CI pipeline status: failed
- Debian changelog in Git:
nodejs (20.15.1+dfsg-1) unstable; urgency=medium
* New upstream version 20.15.1+dfsg
* Fix watch file to ensure ada 2.7.8
* CVE-2024-36138: Bypass incomplete fix of CVE-2024-27980 (High)
* CVE-2024-22020: Bypass network import restriction via data URL (Medium)
* CVE-2024-22018: fs.lstat bypasses permission model (Low)
* CVE-2024-36137: fs.fchown/fchmod bypasses permission model (Low)
* CVE-2024-37372: Permission model improperly processes UNC paths (Low)
* Add another failing test to loong64/mips64el
-- Jérémy Lal <kapouer@melix.org> Tue, 09 Jul 2024 10:02:04 +0200
- This branch is even with tag debian/20.15.1+dfsg-1