[ubuntu/jammy-updates] angular.js 1.8.2-2ubuntu0.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Wed Jan 14 08:59:37 UTC 2026
angular.js (1.8.2-2ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: denial of service
- debian/patches/CVE-2022-25844.patch: Avoid a redos by avoiding regex
- debian/patches/CVE-2023-26116.patch: Fix the redos by using
regex.flags
- debian/patches/CVE-2023-26117.patch: Fix by linear replace a redos
- debian/patches/CVE-2023-26117.patch: Fix redos via the
<input type="url"> element
- debian/patches/CVE-2024-21490.patch: Fix ReDoS vulnerability with
ng-srcset
- CVE-2022-25844
- CVE-2023-26116
- CVE-2023-26117
- CVE-2023-26118
- CVE-2024-21490
* SECURITY UPDATE: content spoofing issue
- debian/patches/CVE-2024-8372_8373.patch: Fix improper sanitisation of
srcset and src on img and source elmenets
- debian/patches/CVE-2025-0716.patch: Fix improper sanitisation of href
and xlink:href on SVG image elements
- debian/patches/CVE-2025-2336.patch: Fix improper sanitisation in
ngSanitize
- CVE-2024-8372
- CVE-2024-8373
- CVE-2025-0716
- CVE-2025-2336
Date: 2026-01-13 16:20:12.313734+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/angular.js/1.8.2-2ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list