-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 15 Dec 2019 16:19:02 +0100
Source: npm
Architecture: source
Version: 5.8.0+ds6-4+deb10u1
Distribution: buster
Urgency: medium
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>
Changed-By: Xavier Guimard <yadd@debian.org>
Changes:
npm (5.8.0+ds6-4+deb10u1) buster; urgency=medium
.
* Add patches to fix arbitrary path access
(Closes: CVE-2019-16775, CVE-2019-16776, CVE-2019-16777)
Checksums-Sha1:
f19e13066de393472a19a4f7382248ff92fe3ac4 4089 npm_5.8.0+ds6-4+deb10u1.dsc
9353627ac1072d475a894b3bde11d3bdcdc0e1a0 22632 npm_5.8.0+ds6-4+deb10u1.debian.tar.xz
Checksums-Sha256:
f292a9cff2257d4e52cf9881f88736519b669079e67f546f16c310d72f5a938a 4089 npm_5.8.0+ds6-4+deb10u1.dsc
bca5ee5d32243f46affe8674a267b1368ee9ab059525561b99b24ead134f59fc 22632 npm_5.8.0+ds6-4+deb10u1.debian.tar.xz
Files:
572c0d2698fd64e75c5f72b363a992e7 4089 javascript optional npm_5.8.0+ds6-4+deb10u1.dsc
d3f5aa66877165ea9dc0e83393348720 22632 javascript optional npm_5.8.0+ds6-4+deb10u1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEAN/li4tVV3nRAF7J9tdMp8mZ7ukFAl6kjOsACgkQ9tdMp8mZ
7ulEoRAAlypDXLBlKn0X0LmbrsGmV3u9QztQLLMlITl11OgvkxPpQrNgt1YQulE+
168SXWT2vGgcft+0bbZ/MYjocfHsCppGTfbHzi+1cPC1PWDwNjGonCi7U+h5YNVN
zy1MfZpLyOyxp4cIypMDcY17KvOQ9hTTjcmPORaP2uMhvL6JRJHFHd2R9ySoiu7U
m3h+Sx4AWkbIvL0MN9KFnVLewoAYQj7Mg/SAemjcOUWvBlWVZIMCNv06rsscVD+0
FD5pdU66J0b2yzpVfba1JSuQcOV4JeGIg2q7aeqE+JSQSjyKUkZkANpSCw4cPI36
ZvucHXGQ7mIsuAUTnHx3wTVCJck9UzSY/2wMZtWVQK3bijq3DboYXuGxoxuPhba4
qNzLpF50vVsW84EIkZqox0eUt/8zKOfCMLgAlesG2P+ZUX0jyX1HiSpxMX4MMdP4
1oFh0wFWXTzKYSM6d9+mMm/IuRZQFYfK8I4RHOffnhogYSqFBn9C0e9ZRfKQ5KIB
H/N4DcvlCyHEkggjTrl04LNjN8BKVRYnXz2iqnKFUUlGRLsv0rxbHvPvZsrGKH0a
Q+62NdF/sbheKAKL7asbPP+Ka/immG+lLTcyKf4lGgnHZ0glUC91QUI8nGTSZPg8
nLhIx5z1S08JCgq6YENrSjAKBu/U4aW7dXovGivnRUrLU4HcyXg=
=oFQR
-----END PGP SIGNATURE-----
