Accepted node-qs 6.5.2-1+deb10u1 (source) into oldstable
- To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
- Subject: Accepted node-qs 6.5.2-1+deb10u1 (source) into oldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Mon, 30 Jan 2023 21:30:21 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: node-qs_6.5.2-1+deb10u1_source.changes
- Debian-source: node-qs
- Debian-suite: oldstable
- Debian-version: 6.5.2-1+deb10u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=3qz7al/t3/Ux4Lo582F+5OKX1noeWwG6ODc0LgO1pQo=; b=QvvGzkcH397eCVZ/2XBd/46vyM HFSe3tDDhlZORzW9vsAZI8nHkgaJxMUQJs8fuSr6lFQyZeGpieS8wN92KfloPk79kiAEjmUMuEukW 3Sv4iWvoQmq0nsfcAiDXDFWgXXJD3dC4yIlYRZDm/agtDwu3b68MwTf3aIRUJaBX/jrNOS12toWal 7w/AL1RSIemfbM3trGpM6yqw8qsmZKF5n5pUeS+fQWvQFZbA+ynS8e/Av9Ce7VhfpLnQtgrt/v95l O+RsS7kzlCFJ+ByU7gJC9xAyRMzJ51qxcft5M6dkf5oRlZEjNjgkCWRzW9en2ShDgQTt1D9AQbBlr Z9AEo08A==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1pMbjJ-005S8I-Fp@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 30 Jan 2023 21:28:37 +0100
Source: node-qs
Architecture: source
Version: 6.5.2-1+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Changes:
node-qs (6.5.2-1+deb10u1) buster-security; urgency=high
.
* Non-maintainer upload by the LTS Security Team.
* CVE-2022-24999: Prototype poisoning vulnerability. qs allows for instance
the creation of array-like objects by setting an Array in the `__ proto__`
property; the resulting Objects inherit the `Array` prototype, thereby
exposing native Array functions.
Checksums-Sha1:
42a5e5403994547ecc803c18c0d0439ff2db3556 1988 node-qs_6.5.2-1+deb10u1.dsc
6c80d815df84e0bb2fd4e486cc0d7279d7998bcb 23602 node-qs_6.5.2.orig.tar.gz
2080c6d1fd22ac260f9a0bef8b615920ad229bfc 4204 node-qs_6.5.2-1+deb10u1.debian.tar.xz
bca55e265e5b842a32c8e416a6a48a1239dda53a 5751 node-qs_6.5.2-1+deb10u1_amd64.buildinfo
Checksums-Sha256:
75773e8e44b6e82e6cbf4bf46610379ff072b09404c6b98b1aba2aacde1b1367 1988 node-qs_6.5.2-1+deb10u1.dsc
7834ea513688f96bfe73b00a3caced38f7ee3a6b68584b67cd93dd987251db40 23602 node-qs_6.5.2.orig.tar.gz
9f302ddc07e1eb537f3305fcb74150ec0990063b45c41b4f062de1ecd77b0b07 4204 node-qs_6.5.2-1+deb10u1.debian.tar.xz
98c0bf8483b84492e65d19c4dce79b0b4276ef563013cb64a9b3527f25ae2789 5751 node-qs_6.5.2-1+deb10u1_amd64.buildinfo
Files:
267abcf740492a4831d853bd8b27e12e 1988 javascript optional node-qs_6.5.2-1+deb10u1.dsc
cf8d7a41b09a362b51539bb14b17ad5b 23602 javascript optional node-qs_6.5.2.orig.tar.gz
8fd22e9081832234adc4b4d0838b8e5a 4204 javascript optional node-qs_6.5.2-1+deb10u1.debian.tar.xz
0a3a38a9a6b86974938f33df5ddcab83 5751 javascript optional node-qs_6.5.2-1+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmPYKKEACgkQ05pJnDwh
pVKQLRAAjGp1PepPqZyIt1W9ypk7yVZLtYgDjjg9lBxOnKwkNoZRSesDxaFLJCv4
EJ7E470U2S66kXCJ8+ui5TEwKLF/ukIpO8UnjAaR3XtjZ8DyrldLvmJ1apCjONpv
C8D64seYGP9/7H8Lt0X0r0uqlbn0pJtTBlwwew1eqzI5ftPh7MwKoEde6B8C5U34
h/ZSmEdZDVK7DZs9ZMDTAfsno32vxJzQo7ZM0hop3DWVGM0/0vE61QDp2tjZLZqK
nMitneFTx7J364wMKZqAXNvh6gvkZyrplq8quq0LvPpGgYZYvgxNetob2aPkP5/h
SU1Nk/JVfOtLMg68FeSXGnjVAM6glq36cJrwuU5lD6DFu1oLKbCeWL2Bta8M6qY2
MVoUPDKK2GndsCeL8YGOkr+pGyM6dpX1GCEEE5plY0k2hLtEcPZirH2zKwVbhFzs
FguZDH66rOLPTPxQwlagNwC/gZtM5kujCiSPAK2w+SoVTqZ6TIIP5ERXC79JR6nF
DDCdUBc9OG2Y/FUkFhOpFyw+tRxUkkd5u4zAavwvtoE6c516NbCHmEvClPjt8+9u
uSV0zBzng3ncO6ytR5PmVqqaekvB9gQ1KF5wP5OIiVBWqF4o5vZaMp3v9kdMUL4v
9JYqyWL4BTAE69KvFAcbGZSokxEjuGiq3VXDyfyYoKnECa8lzL0=
=Q26B
-----END PGP SIGNATURE-----