-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 30 May 2025 18:17:56 +0200 Source: twitter-bootstrap3 Architecture: source Version: 3.4.1+dfsg-5 Distribution: unstable Urgency: medium Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org> Changed-By: Bastien Roucariès <rouca@debian.org> Closes: 1105899 Changes: twitter-bootstrap3 (3.4.1+dfsg-5) unstable; urgency=medium . * Team upload * Fix CVE-2025-1647 (Closes: #1105899) Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bootstrap allows Cross-Site Scripting (XSS) DOM-based cross-site scripting (XSS) via DOM clobbering occurs when an attacker manipulates the Document Object Model (DOM) to overwrite or "clobber" an existing DOM object, leading to the execution of malicious scripts, particularly document.implementation variable. Checksums-Sha1: da92956ad204fa74ba2b8714f70b95bb226e21e6 2271 twitter-bootstrap3_3.4.1+dfsg-5.dsc 0c1b1b026a103e470bb29f0d54445e44d2ab8f49 2011336 twitter-bootstrap3_3.4.1+dfsg.orig.tar.xz 2c43ec293cb942b34bc1423ce0842e2e34a04b8e 55744 twitter-bootstrap3_3.4.1+dfsg-5.debian.tar.xz 756937e26650c123b17d55f8ced4723fa21ba0cb 7714 twitter-bootstrap3_3.4.1+dfsg-5_amd64.buildinfo Checksums-Sha256: e3599b03f2ea175e4254bf8d632be2ece19392e2f10e2652b575664920c8ab09 2271 twitter-bootstrap3_3.4.1+dfsg-5.dsc 9eb17937c62ff1133779bdca0b2ee62bfc3a8fc3348aef3b197e6020c9ce3528 2011336 twitter-bootstrap3_3.4.1+dfsg.orig.tar.xz 993feb03d1203fedb0b998160bb16187c43079ed1e8587b473edbd144eeaf914 55744 twitter-bootstrap3_3.4.1+dfsg-5.debian.tar.xz dc5512b462c5fe2e209cdd9e7bafa16bd7b9cee6391031a2d3a4a8219efe2c97 7714 twitter-bootstrap3_3.4.1+dfsg-5_amd64.buildinfo Files: cae8e83ae417799b31e1b4a64aae0da1 2271 javascript optional twitter-bootstrap3_3.4.1+dfsg-5.dsc 504ddae4ecdda987cbe48168d176ab41 2011336 javascript optional twitter-bootstrap3_3.4.1+dfsg.orig.tar.xz cff4d414db93e3a8bd4a5b5da3115859 55744 javascript optional twitter-bootstrap3_3.4.1+dfsg-5.debian.tar.xz da3e265a5ce09451b900263aae8b36b8 7714 javascript optional twitter-bootstrap3_3.4.1+dfsg-5_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmg8FKoACgkQADoaLapB CF8q/g//eBaf8Wn8njSFwCnLGSsMsGgl572ygGoPL8amtywhR4HWjlleEceSenc8 iEd2seJft8YLeqUCsAzOq5KTbseN/QdpMCWL62HC+UO+SWEBp2JOgDG6CTyO1HYT XebDCuKsVUS4MwquBkMtOsUgGDsZvlXKFibpPR/rhhOxqjE7jyJg+xWYtj1R0UPF 75xv3ck7HmNrkqwjRWqa98MnXQ7C4GP8j+ZOdLYZw3TOS352jwNzZKOviQbpMHd8 67JlzhrnsNUCEGsBlOC/kecmuuElRj/IVjhLgHHoLo4LEcN+vNar+vqKcMUfu0cS WksGG2cT0txIlEUlW8F31odlC4d9z8XosWDuHZvzCfmJe0Kul69sR8R4Idl5soA6 21kyNcFFbmEjGv+eK7RBHmoRPvsHPeuVtfT2POmrCvJBgW472luORKvfh3FdV8Oi sK2Fg/bslr5+epNm0UphnOBKNuW1VYj5zah3+HgMn/xUhBPHL4z0pVf5CE27BEIn ePz4fai/a8uq4AmO46iUGkkZwoY6vBREJoRGsBG5Ge/0Ew+jCXPTgwPbrqw/fCYM DXiv5esPShosjuwmjU68Sn83R55wdjcergBtw+hRCZEs6TzPCSjbxdbLPxZk+ntF KkfpoqCaQZF6OHGxK9E+JJtP1DaVbqm5DAs18b/sicfxhUl2czE= =0AqX -----END PGP SIGNATURE-----
