node-object-path (0.11.4-2+deb10u2) buster-security; urgency=high

  * Non-maintainer upload by the LTS Security Team.
  * CVE-2021-3805: Prototype pollution vulnerability in the `del()`,
    `empty()`, `push()` and `insert()` functions when using the "inherited
    props" mode.
  * CVE-2021-23434: A type confusion vulnerability can lead to a bypass of the
    CVE-2020-15256 fix when the path components used in the path parameter are
    arrays.

 -- Guilhem Moulin <guilhem@debian.org>  Sun, 29 Jan 2023 15:19:31 +0100

node-object-path (0.11.4-2+deb10u1) buster; urgency=medium

  * Team upload
  * Fix prototype pollution in set() (Closes: CVE-2020-15256)

 -- Xavier Guimard <yadd@debian.org>  Thu, 22 Oct 2020 18:38:10 +0200

node-object-path (0.11.4-2) unstable; urgency=medium

  * Update Vcs fields for migration to https://salsa.debian.org/
  * Honor DEB_BUILD_OPTIONS
  * Bump debhelper compat
  * Fix nodejs binary
  * Update copyright

 -- Paolo Greppi <paolo.greppi@libpf.com>  Tue, 08 Jan 2019 14:53:51 +0100

node-object-path (0.11.4-1) experimental; urgency=medium

  * Team upload

  [ Paolo Greppi ]
  * New upstream release
  * Bump standards version and fix section

  [ arunasank ]
  * Port tests to chai 4 (Closes: #884155)

 -- Pirate Praveen <praveen@debian.org>  Sat, 20 Jan 2018 16:46:05 +0530

node-object-path (0.11.3-1) unstable; urgency=low

  * Initial release (Closes: #846215)

 -- Paolo Greppi <paolo.greppi@libpf.com>  Mon, 12 Dec 2016 07:38:26 +0000