Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted dojo 1.14.2+dfsg1-1+deb10u3 (source) into oldstable
Date: Sat, 28 Jan 2023 21:30:33 +0000
Signed by: Guilhem Moulin <guilhem@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 28 Jan 2023 18:18:31 +0100
Source: dojo
Architecture: source
Version: 1.14.2+dfsg1-1+deb10u3
Distribution: buster-security
Urgency: high
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 970000 1014785
Changes:
 dojo (1.14.2+dfsg1-1+deb10u3) buster-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2020-4051: Cross-site scripting (XSS) vulnerability in the Editor's
     LinkDialog plugin (closes: #970000).
   * CVE-2021-23450: Prototype pollution vulnerability via the setObject()
     function (closes: #1014785).
Checksums-Sha1:
 4346bc6c5d201334d8b52099510ca615cd92b50e 2411 dojo_1.14.2+dfsg1-1+deb10u3.dsc
 a074e48d5e54715339107dd285c1c8faaa94beef 33910890 dojo_1.14.2+dfsg1.orig.tar.gz
 77c0676179b9b88173d3f39dd1f9ce4e40dfd90f 18636 dojo_1.14.2+dfsg1-1+deb10u3.debian.tar.xz
 562dd988af3e487385715e391a8400d2acf025de 12202 dojo_1.14.2+dfsg1-1+deb10u3_amd64.buildinfo
Checksums-Sha256:
 8ecac9f2b3c721b5024fd52c943ce43f4d1d72e185da09eaedc34818641e17c6 2411 dojo_1.14.2+dfsg1-1+deb10u3.dsc
 be2de52239390eb5181746ad5af4417af71f85d306722f7bff62e924e03d5632 33910890 dojo_1.14.2+dfsg1.orig.tar.gz
 aa7d2a60549239973cb9f4dc4fdeaadbfae421da9032ba7111975c50f2e157be 18636 dojo_1.14.2+dfsg1-1+deb10u3.debian.tar.xz
 dee4e12fe7487cf133e725b87f16ecc54bf6a48001d7e1ff5f33eb14f19b20f7 12202 dojo_1.14.2+dfsg1-1+deb10u3_amd64.buildinfo
Files:
 1409c69db48bc8d44926a1f8d1d849ac 2411 javascript optional dojo_1.14.2+dfsg1-1+deb10u3.dsc
 5b4e54e4d55060253a6084926ad7e478 33910890 javascript optional dojo_1.14.2+dfsg1.orig.tar.gz
 eed0aa760ab5c966f21337126bf221de 18636 javascript optional dojo_1.14.2+dfsg1-1+deb10u3.debian.tar.xz
 c4235e6d7ad8bdeaf2206c864404e9c3 12202 javascript optional dojo_1.14.2+dfsg1-1+deb10u3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmPVWdwACgkQ05pJnDwh
pVLvLg//aPGXj0mEHV/k+x5IW8Fjkt206SJ45iB1UIxWoP4VtKJOyIElhCrt+LsH
tShso3G6pK0qnBRtrRfwIkMXZ7l8hLY7Ot8rNr3tQbS2/uQD6JCMxB1C37Vo+X8y
N0KmxDp//TBNydvAJuxsEtzNLd4WYuzqK4yqM4a1Jftq+eRDbgxFBnT/tVRMlTXv
ujTkECzR6yLRWEAAPtrCZwMLUb7M8nVDdO7J+sy6QDm4xyC+xntu4B3UyfBDfOgc
v+TxJx21GgaHirapzKkHZYojV0JQFvSlf/N4wTN/CFb9youFmSAQFXUdbikc5i2t
skt56lC8UiBDN3efJwETKdxRZgtLANxF1sk/CZfzT51fRKMf1IOCkYpAVeR6Mfbp
t4FPSl2LixvpH2PG/cYEtAOigzXsFM3lIRZaFB4nRtEo5YCUhKsIRfsiz6/Dgn7v
hJTym09e9WwQcTEifQUrfqCQg6rxS8H6EcS2VVbQpX9fNN4ivzUCCECn193fouvm
24rYm3rHG5mRz+gFuH0aik95HExLNQxflfua66I2/84ku0RnF93CYlpTBztUeETc
gGG7+d24Y7WZA4qDWXiYcV9cP3GznDHG/3eqMNFZz4YK+3bzCFhN5sF1+aFiwll3
CdDAUeTSt49Xab2ZcipFJBQoX+ysVZSvxZMVMLv4VpjBHd6MnL8=
=gZnX
-----END PGP SIGNATURE-----

News for package dojo