Format: 1.8
Date: Sun, 13 Apr 2025 13:42:02 +0200
Source: twitter-bootstrap4
Architecture: source
Version: 4.6.1+dfsg1-5
Distribution: unstable
Urgency: high
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Closes: 1084059
Changes:
 twitter-bootstrap4 (4.6.1+dfsg1-5) unstable; urgency=high
 .
   * Team upload
   * Fix CVE-2024-6531 (XSS vulnerability):
     An anchor element (<a>), when used for carousel navigation
     with a data-slide attribute, can contain an href attribute
     value that is not subject to proper content sanitization.
     Improper extraction of the intended target carousel’s #id
     from the href attribute can lead to use cases where the
     click event’s preventDefault() is not applied and the href
     is evaluated and executed. As a result, restrictions are
     not applied to the data that is evaluated, which can lead
     to potential XSS vulnerabilities.
     (Closes: #1084059)