[ubuntu/jammy-security] node-moment 2.29.1+ds-3ubuntu0.2 (Accepted)
Nishit Majithia
nishit.majithia at canonical.com
Wed Aug 10 12:07:32 UTC 2022
node-moment (2.29.1+ds-3ubuntu0.2) jammy-security; urgency=medium
* SECURITY UPDATE: Path traversal (LP: #1982617)
- debian/patches/CVE-2022-24785.patch: Avoid loading path-looking locales
from filesystem.
- CVE-2022-24785
* SECURITY UPDATE: Denial of service via very long date string (LP: #1982617)
- debian/patches/CVE-2022-31129.patch: Make a regular expression more
efficient.
- CVE-2022-31129
* debian/changelog: Add build dependency on libjs-qunit.
* debian/source/lintian-overrides: Remove, because all overrides are unused
or mismatched.
* debian/tests/control: Add dependency on libjs-qunit.
* debian/tests/pkg-js/test: Do a complete test.
Date: 2022-08-10 10:00:09.289991+00:00
Changed-By: Luís Cunha dos Reis Infante da Câmara <luis.infante.da.camara at tecnico.ulisboa.pt>
Signed-By: Nishit Majithia <nishit.majithia at canonical.com>
https://launchpad.net/ubuntu/+source/node-moment/2.29.1+ds-3ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list