Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted node-mocha 8.2.1+ds1+~cs29.4.27-3+deb11u1 (source) into oldstable-security
Date: Sat, 11 Jan 2025 11:10:28 +0000
Signed by: Bastien ROUCARIÈS <rouca@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 11 Jan 2025 10:48:01 +0000
Source: node-mocha
Architecture: source
Version: 8.2.1+ds1+~cs29.4.27-3+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Changes:
 node-mocha (8.2.1+ds1+~cs29.4.27-3+deb11u1) bullseye-security; urgency=medium
 .
   * Fix CVE-2021-23566: Nanoid was vulnerable to Information
     Exposure via the valueOf() function which allows to
     reproduce the last id generated.
   * Fix CVE-2024-55565:
     nanoid (aka Nano ID) a subcomponent of this package
     mishandles non-integer values that could lead to DoS
     by infinite loop.
Checksums-Sha1:
 9201136042f159e97554a61b1a27a2bd92832a34 5557 node-mocha_8.2.1+ds1+~cs29.4.27-3+deb11u1.dsc
 6257e3aba78b60220e1c66865b5a71e82bad0df9 31044 node-mocha_8.2.1+ds1+~cs29.4.27.orig-flat.tar.xz
 984cd4a98541e2d5037e90ef86ac0b66bcb23141 17056 node-mocha_8.2.1+ds1+~cs29.4.27.orig-log-symbols.tar.xz
 329608e5ad03e9ea87b7ceb87d5999b5d2cb5f65 195184 node-mocha_8.2.1+ds1+~cs29.4.27.orig-nanoid.tar.xz
 339ae87029d571cabfe887c6b505984a2cd37031 13284 node-mocha_8.2.1+ds1+~cs29.4.27.orig-types-mocha.tar.xz
 807beb90a6cbaac8d40612317772318115f92f55 2544 node-mocha_8.2.1+ds1+~cs29.4.27.orig-ungap-promise-all-settled.tar.xz
 133b31ae0d28b25900d3260f39992fe664038433 84596 node-mocha_8.2.1+ds1+~cs29.4.27.orig-workerpool.tar.xz
 6caaf0c5270819c41efc382b56e0801395238064 60508 node-mocha_8.2.1+ds1+~cs29.4.27.orig-yargs-unparser.tar.xz
 15bb314ca032b9993b5b7639526b5dde953cce7a 1467992 node-mocha_8.2.1+ds1+~cs29.4.27.orig.tar.xz
 bf8fe20f58b2e98a7f5f5671bbdf4d5d80f1b86e 17848 node-mocha_8.2.1+ds1+~cs29.4.27-3+deb11u1.debian.tar.xz
 0740f552a4eca7602cc141b457d9adf27b464664 20219 node-mocha_8.2.1+ds1+~cs29.4.27-3+deb11u1_amd64.buildinfo
Checksums-Sha256:
 3a932c29c0f6e6039b53d2328d20c349cc318105581628df75fdb4926454369f 5557 node-mocha_8.2.1+ds1+~cs29.4.27-3+deb11u1.dsc
 b541001e8b0bb2cdc03568f23e70680ada72d17ac43b2fdfb38cd6c6b1c853ac 31044 node-mocha_8.2.1+ds1+~cs29.4.27.orig-flat.tar.xz
 e61caf9b4fa828befb7c347567ffdf7a84cd8667bc97776608fa21200e10301d 17056 node-mocha_8.2.1+ds1+~cs29.4.27.orig-log-symbols.tar.xz
 dc338e14a77a1ab9f36eac4d5afa1c963e0d3b7768aae2b01a4474278056e01e 195184 node-mocha_8.2.1+ds1+~cs29.4.27.orig-nanoid.tar.xz
 459dd85dee8badb6f607a50cae9c3357e946b5a8f483816b1c2d3280672725c8 13284 node-mocha_8.2.1+ds1+~cs29.4.27.orig-types-mocha.tar.xz
 3b3f96b6e11de3254df0f2b17c8cbd142f2861fa9fe84fe569d7214718ddb631 2544 node-mocha_8.2.1+ds1+~cs29.4.27.orig-ungap-promise-all-settled.tar.xz
 18144e3daee704b1fc200d536a202d7cfdb14883e08c02e6d9818e62c875d31d 84596 node-mocha_8.2.1+ds1+~cs29.4.27.orig-workerpool.tar.xz
 16d09e3174ce78d0e33ba96e9739b910bf1d7f16977be15816eb8b0ef3488b22 60508 node-mocha_8.2.1+ds1+~cs29.4.27.orig-yargs-unparser.tar.xz
 c6aad4d626c9d3165735b94e5264165a7af911460eca893198d763bcb162b849 1467992 node-mocha_8.2.1+ds1+~cs29.4.27.orig.tar.xz
 ef6f2b25ec5053a2d35f6757ef98886e8f8d2ea5143cd078202eaba4ff6d9105 17848 node-mocha_8.2.1+ds1+~cs29.4.27-3+deb11u1.debian.tar.xz
 268ac497fe23de70b6c439cc17c255293ca409e31985e071b0a94131453c04e8 20219 node-mocha_8.2.1+ds1+~cs29.4.27-3+deb11u1_amd64.buildinfo
Files:
 a51287a74de178ec968cb1b8cb6eb2d2 5557 javascript optional node-mocha_8.2.1+ds1+~cs29.4.27-3+deb11u1.dsc
 fd2eb90251b77cbef6721d75aae3d82d 31044 javascript optional node-mocha_8.2.1+ds1+~cs29.4.27.orig-flat.tar.xz
 8cc7b5122765d802b15745b2b489eca9 17056 javascript optional node-mocha_8.2.1+ds1+~cs29.4.27.orig-log-symbols.tar.xz
 7866ddbe895b6a56e6c013788fdbc204 195184 javascript optional node-mocha_8.2.1+ds1+~cs29.4.27.orig-nanoid.tar.xz
 509500c9cd91e4d48e959fefc61d9239 13284 javascript optional node-mocha_8.2.1+ds1+~cs29.4.27.orig-types-mocha.tar.xz
 13ecdef6f3be13792f9d1db947144016 2544 javascript optional node-mocha_8.2.1+ds1+~cs29.4.27.orig-ungap-promise-all-settled.tar.xz
 69befd2106cb567458848bb78bb7e267 84596 javascript optional node-mocha_8.2.1+ds1+~cs29.4.27.orig-workerpool.tar.xz
 c2da2d34b7676bf0e80db52b9b4f6f46 60508 javascript optional node-mocha_8.2.1+ds1+~cs29.4.27.orig-yargs-unparser.tar.xz
 17e28d91e1db79ee2c80230a2b31d0fd 1467992 javascript optional node-mocha_8.2.1+ds1+~cs29.4.27.orig.tar.xz
 a313510a7f9c5af191bea755a811540a 17848 javascript optional node-mocha_8.2.1+ds1+~cs29.4.27-3+deb11u1.debian.tar.xz
 406ee04e205cff1d6f33e1f2e4543022 20219 javascript optional node-mocha_8.2.1+ds1+~cs29.4.27-3+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmeCTtwRHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF8bBA/3U0nms9gtDHVG3t3Ia37UxPEf2u8h6t+W
JEeSVnBuWqX53iGpO/5oIAi8HGp6l+j+xEzUxjUL3Ijx3l/mIWWqbHEjL3x7z8c2
ce/rb+qMe4J2F9u/xbX2hOkc23Nc7U9EjdesCL5lRJftryWZfKesQeDnd+4eek9c
QkzhqtW6nTWDKK2EutmleNazuQiRY2r645SVwXXFq2sncfFgX3u+wYKDTXuuTiqE
8ck7whqKuEDoXwQWX5s9ndEP6W4p9ZytMPGcaVM2vy9XMOpLkX7kl5LLw6pXTx2Z
NOfXF4yV3exy7osOJyJC9I6+jyHtYPt8TrifWeroaRqeINJlq7pp9SYUZhwxrAgq
KxYFt2stupnlGTh9IsHoemlscbrorGk0b6mNNJAn46QwjF6evfMTeF1/3Lh0LnkQ
mADQBduuhnnCdTjl0cu4PvPCJH11EQdzoCrs98lHw77iTVtwz+Mz62qW3370yXmz
eFw55pZKrh47vEfJ3EEeX3zQgHnWMUP9ZCosxvgcK/8HrpEblJ96XNZD7hsvTyXG
B6Wjwfz285ptqKiJ4i1JlAJtJb0Jd7wctB95EX5QejoUESaQz7a9RVidQ1vgjO5J
KVo+PlWGqqjlTTXQpJZoErwdsb477WzIi4fGncb+1cStpyYeR694XZawV/sdI9iN
np+R6lwYlw==
=y+lY
-----END PGP SIGNATURE-----
News for package node-mocha
