Accepted nodejs 10.24.0~dfsg-1~deb10u3 (source) into oldstable
- To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
- Subject: Accepted nodejs 10.24.0~dfsg-1~deb10u3 (source) into oldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 25 Feb 2023 21:10:21 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: nodejs_10.24.0~dfsg-1~deb10u3_source.changes
- Debian-source: nodejs
- Debian-suite: oldstable
- Debian-version: 10.24.0~dfsg-1~deb10u3
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=k1yAzjDxZaREG9NcIYONrOTxDu8hDnMNqJU6FQZBe28=; b=XOpGAVPUjGYFVjOiXXJHbfn5nx LUXbZkkhIK7BMgwVnGY2J+cf/oFrGC37lxT4rXOi0711rvKU7o7hVkD/CYWF4sISaDJ54ZZT1QnmZ SSlpEIWLTchCtTCkSVNOtKffSp3JQNz4YlQvVV1055/u0nExEa8f30nQajk1tc0bmHB0zROGxYGgw FHPQW+oJ7aqCzO3YyqWqhyN556BilAhqZwJddlgxvDBffW7WRWEMGEojhqVbkIb5CUf9kKZGp4Q2N EOR67JEgamFUqOOi6ZInWJrYHZYQxpvU5ZUorXMGdHxrsL+sRYe+WYXcCdH0HYMiLhlA1U6T4axv5 vDDDhWBw==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1pW1oD-00BNiQ-0O@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 25 Feb 2023 01:29:22 +0100
Source: nodejs
Architecture: source
Version: 10.24.0~dfsg-1~deb10u3
Distribution: buster-security
Urgency: high
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1023518 1031834
Changes:
nodejs (10.24.0~dfsg-1~deb10u3) buster-security; urgency=high
.
* Non-maintainer upload by the LTS Security Team.
* CVE-2022-43548: OS Command Injection vulnerability due to insufficient
`IsAllowedHost` check. Closes: #1023518.
* CVE-2023-23920: Insecure loading of ICU data through ICU_DATA environment
variable. Node.js now builds with ICU_NO_USER_DATA_OVERRIDE to avoid this.
Closes: #1031834.
Checksums-Sha1:
0d399408794fb3805484a599d650164e40eaa76d 3032 nodejs_10.24.0~dfsg-1~deb10u3.dsc
b1bfcfc5c9bd0ac1fdcc9f0fbbee9da50c359add 114168 nodejs_10.24.0~dfsg-1~deb10u3.debian.tar.xz
df102088033efbb9186298a83a2891588cab371d 9406 nodejs_10.24.0~dfsg-1~deb10u3_amd64.buildinfo
Checksums-Sha256:
47fcb84d27a4af7acd81873ad06e9cd1c5a584313a23d15997e0caa99d5d1cc8 3032 nodejs_10.24.0~dfsg-1~deb10u3.dsc
0d311e581975744b18713069c2fe1524230e17e61537e57a9fd7dd57928879ac 114168 nodejs_10.24.0~dfsg-1~deb10u3.debian.tar.xz
1b519d45de7b08df39b1c6dc76691ad02ef8b4222b6bda0862289cf126761dbe 9406 nodejs_10.24.0~dfsg-1~deb10u3_amd64.buildinfo
Files:
74d2e5dd9446f8b7b82e44e189bfd41b 3032 javascript optional nodejs_10.24.0~dfsg-1~deb10u3.dsc
8e3410b96ae5493527c19f3265996570 114168 javascript optional nodejs_10.24.0~dfsg-1~deb10u3.debian.tar.xz
7624f0daa570a7d6f95992a308f8a412 9406 javascript optional nodejs_10.24.0~dfsg-1~deb10u3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmP5adwACgkQ05pJnDwh
pVI6sBAAw4P1Wl/YtLfLHYX7dzHYf6p7Z1Naoo7NNsZJ70EUXhvvZ9/V0BAI82xn
WcyR17hII35O1a049Mx4KdWoj9tQO5QIrsXdZnR97hp8l8+KKHEkUXxsYOWdzDsv
jD3+hmdd60rivGTokWBxGKstPA8IO8ZZhVxmbSfsjBrQ2fwhvSAlLUbz+vyHJwga
UNmUMOm/+uVQm/CyaKtl/8Y0LZz4z8Gs6WUEEhMpp/9vsKmaypbQ7SGMRqH+4Y4M
gffuK2d2G6E1UXyfsgDkzrSLY/8Ze6zl/DJjIA0+DFK5XDbjdOjz+6IlwRDyULbd
IO/4MmgjLF7tXIGyq09jNbYac/2ZFMBmLvq7I5B0p+SjSnLuLCRuuBXU4clVokNx
VD3zF5tsN0/DGEUPiRwsO0QDQnEmACMc4q2fvYWF00XuZqZO6DZeUlA2uq/mrA2r
+O5VESwpVJthCh+W6HyV8qaNAaX/AuQE+HUw5SOnAGJ3e3D0lybnHesXQcH14YOh
NypO4jSMre9QumJ89G0CpOOnE0aQvS7onGFwbTkXFh9Y8AuWMQaWX8D9K7uJo/ns
Z9iq7GB1KKZon7/XRb3H1qLY4Elhxdn+pNUMaADldm5Vcs5+IESz0pgEf8TpjjDS
W8hKSJp+0kHy6ezxkzfX0JpW0nbsopvASoFPzcK1ooVeDKWwl7c=
=OlrX
-----END PGP SIGNATURE-----