[ubuntu/jammy-updates] node-moment 2.29.1+ds-3ubuntu0.2 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Wed Aug 10 12:58:18 UTC 2022
node-moment (2.29.1+ds-3ubuntu0.2) jammy-security; urgency=medium
* SECURITY UPDATE: Path traversal (LP: #1982617)
- debian/patches/CVE-2022-24785.patch: Avoid loading path-looking locales
from filesystem.
- CVE-2022-24785
* SECURITY UPDATE: Denial of service via very long date string (LP: #1982617)
- debian/patches/CVE-2022-31129.patch: Make a regular expression more
efficient.
- CVE-2022-31129
* debian/changelog: Add build dependency on libjs-qunit.
* debian/source/lintian-overrides: Remove, because all overrides are unused
or mismatched.
* debian/tests/control: Add dependency on libjs-qunit.
* debian/tests/pkg-js/test: Do a complete test.
Date: 2022-08-10 10:00:09.289991+00:00
Changed-By: Luís Cunha dos Reis Infante da Câmara <luis.infante.da.camara at tecnico.ulisboa.pt>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/node-moment/2.29.1+ds-3ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list