Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-experimental-changes@lists.debian.org> , <debian-devel-changes@lists.debian.org>
Subject: Accepted nodejs 14.11.0~dfsg-2 (source) into experimental
Date: Thu, 17 Sep 2020 17:03:36 +0000
Signed by: Jérémy Lal <kapouer@melix.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 17 Sep 2020 18:11:35 +0200
Source: nodejs
Architecture: source
Version: 14.11.0~dfsg-2
Distribution: experimental
Urgency: medium
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@alioth-lists.debian.net>
Changed-By: Jérémy Lal <kapouer@melix.org>
Changes:
 nodejs (14.11.0~dfsg-2) experimental; urgency=medium
 .
   * Rewrite changelog with the CVE
 .
 nodejs (14.11.0~dfsg-1) experimental; urgency=medium
 .
   * New upstream version 14.11.0~dfsg
     Vulnerabilities fixed
     + CVE-2020-8251
       Denial of Service by resource exhaustion CWE-400 due to
       unfinished HTTP/1.1 requests (Critical)
     + CVE-2020-8252
       fs.realpath.native on may cause buffer overflow (Medium)
   * Refresh patches
Checksums-Sha1:
 1a4f1a78d750f57be073723f6827632c2cad27e9 3170 nodejs_14.11.0~dfsg-2.dsc
 d3975ac693cc42f2516bffbe9cfc09a8c5c3ff30 133544 nodejs_14.11.0~dfsg-2.debian.tar.xz
 7ee7b98c2188f461f11975a6b4ea31b894b25ad8 9040 nodejs_14.11.0~dfsg-2_source.buildinfo
Checksums-Sha256:
 6a83639a2a6ccc9bfa1b1f403ad5dd9760a43a943c77b040ecf45a8e7dbbd2c4 3170 nodejs_14.11.0~dfsg-2.dsc
 3665960fec7fa028fe604218682a85b345788f79df0a1dcbd84043ce8b104c48 133544 nodejs_14.11.0~dfsg-2.debian.tar.xz
 1e3d5ff7361169a114ffbcbd1d9bf842c221a433d62eff5e57adba512ab03951 9040 nodejs_14.11.0~dfsg-2_source.buildinfo
Files:
 167aa3be547e2357bf343563e6f4d479 3170 javascript optional nodejs_14.11.0~dfsg-2.dsc
 18323ec670eaafc1e6e0b1475eb49ae0 133544 javascript optional nodejs_14.11.0~dfsg-2.debian.tar.xz
 121b2f0be292cf47b1f9f42db54b42a7 9040 javascript optional nodejs_14.11.0~dfsg-2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEEA8Tnq7iA9SQwbkgVZhHAXt0583QFAl9jkGASHGthcG91ZXJA
bWVsaXgub3JnAAoJEGYRwF7dOfN0fqQP/3/7+I5JArDfSkZ5dHXKEJEBo5MMFfcA
F2qGaOnqokB+it0SzekvTw2CtfGVh/7MrxjHHAXFu8FyD5P/EsZSdUcdBcHvsB05
ckFcTTR1UALTWYZDgcS6Rg4wnIi+XCVOt7dXP0K6BB+uvTiC4Cn+pXeT+ie233bX
bXwIG/22YWBd6jSgVi1VKK5D9Se9fH6xSbA5qLFoPCzm+gMmyra7yagpDyWzC/JW
WDPODlKjBW6T2eGilWIhYXfmDpl8TlLn+56XBL2wQ31zr9l2rmhLneJarZKicrbt
LrNnec1zcns4TXazrQczcR+vaUhhssPzqepR0dMrFtV2+ZWVWJy92wNIj3/mo8zo
kg2QqdmwoMKSnByjqY09EfNxdgdfBvUzx+XZ0a1GYAqrLwVll4yK+L/DEQIItanB
l4QYlzhDUGUtjZs+5aC9kZJj5tlximohcMMNJ6guCCQJe1m1q/5AwPP25fmyYMmO
+bHPAq9m+2U6B5w6KJSn42YQoEYpeEX3hQURN4WPr6fyluqqU45/9a9KX2CvzV4h
uN20REqzROE9aXUsQaoZkwGsJDpGCvAEsnrm0ftcICbqCgQb5H0Zkja4IvYDhUPK
ucbiA/DLFWvPBXL0jD/cRAf9nbO3PRW7DELKc1m4pV0D0XQPhgQxQlQpw17kpoIT
vNwgFwoMgTl3
=RbfG
-----END PGP SIGNATURE-----

News for package nodejs