Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted twitter-bootstrap3 3.4.1+dfsg-2+deb11u2 (source) into oldstable-security
Date: Sun, 01 Jun 2025 09:20:37 +0000
Signed by: Bastien ROUCARIÈS <rouca@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 30 May 2025 18:17:56 +0200
Source: twitter-bootstrap3
Architecture: source
Version: 3.4.1+dfsg-2+deb11u2
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Closes: 1105899
Changes:
 twitter-bootstrap3 (3.4.1+dfsg-2+deb11u2) bullseye-security; urgency=medium
 .
   * Team upload
   * Fix CVE-2025-1647 (Closes: #1105899)
     Improper Neutralization of Input During Web Page
     Generation (XSS or 'Cross-site Scripting') vulnerability
     in Bootstrap allows Cross-Site Scripting (XSS)
     DOM-based cross-site scripting (XSS) via DOM clobbering
     occurs when an attacker manipulates the Document Object Model
     (DOM) to overwrite or "clobber" an existing DOM object,
     leading to the execution of malicious scripts, particularly
     document.implementation variable.
Checksums-Sha1:
 40ec55446184c62a45c2a7c5ffeb3d107e0c9ca6 2313 twitter-bootstrap3_3.4.1+dfsg-2+deb11u2.dsc
 0c1b1b026a103e470bb29f0d54445e44d2ab8f49 2011336 twitter-bootstrap3_3.4.1+dfsg.orig.tar.xz
 ac8071a5ee263f0e833b72823a9c68e63909d7cd 55792 twitter-bootstrap3_3.4.1+dfsg-2+deb11u2.debian.tar.xz
 cb70d2abd52accc6854a5300352a9cd83dc4b3a9 7796 twitter-bootstrap3_3.4.1+dfsg-2+deb11u2_amd64.buildinfo
Checksums-Sha256:
 b860be1d70d2639ebc6d27a05805a54b8a163e96b21a1017a4e73143836a1bdc 2313 twitter-bootstrap3_3.4.1+dfsg-2+deb11u2.dsc
 9eb17937c62ff1133779bdca0b2ee62bfc3a8fc3348aef3b197e6020c9ce3528 2011336 twitter-bootstrap3_3.4.1+dfsg.orig.tar.xz
 efafcc07c34afaa8685f643e2c916d0473a1df565508b043309cccb2059865b1 55792 twitter-bootstrap3_3.4.1+dfsg-2+deb11u2.debian.tar.xz
 9baf6a65808910713c7dbe7022666763e2c20d1c1847b3be439fe2eb10d51d50 7796 twitter-bootstrap3_3.4.1+dfsg-2+deb11u2_amd64.buildinfo
Files:
 54bd40e2310fbf460fcaf845653f991a 2313 javascript optional twitter-bootstrap3_3.4.1+dfsg-2+deb11u2.dsc
 504ddae4ecdda987cbe48168d176ab41 2011336 javascript optional twitter-bootstrap3_3.4.1+dfsg.orig.tar.xz
 8ac6862c998fd509d80a49a1a88bc570 55792 javascript optional twitter-bootstrap3_3.4.1+dfsg-2+deb11u2.debian.tar.xz
 929e685a3669571d1d28b7272c093f7e 7796 javascript optional twitter-bootstrap3_3.4.1+dfsg-2+deb11u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmg8GAEACgkQADoaLapB
CF8R5Q/8CTbG7iugi7ezNLZlw5uOChZDAqOCgdGnm1LTOxcYhfPzSVEBnGDv8ID/
RpzJhjffPOyGaBSxRB+GBWmZy6+GI+wmTXQP82KcHmAyzPyRTUOhisAnoSZhxdmH
C9hDIx3lcIsooYl6F2bMGHStz2mLt8Tm4zQ/zHkLxi2bdzQG3boTmNzDKeptB0/N
NzuyRAj+1dQVowTjqaIBXshVE2A02Sj46l5xjWupB+6MJ088Jqbjtmpmp+p0uLlK
rRWs//veYL2lhaflvKel6kj3SeiDW45wxtpUNobBH32Oc+/XKHAWmRcbswrhx9je
je3vyA0aR1Mkr3eX+fqXYrtYA4qSvBUHkJi3+eMnp9osDbjspHZquunN2ZbI9evP
fx1d/WlPoXB+BIBj/YDA0ccAxCn5WVUYSloJGGRLmSYORnnDEUXZom5BpawRZCRQ
uCzgg7tXWKjF9IheXUAhl2IZhyJOZ1E7ket5IkQB8cE30Oo+hvMzCSjrEPdbLhPQ
piX9UDtMFi77NEoMYNCy1EgFiaDn4HEAmxXJfmNjmV8fFe85mLm7ey/E1R/0+8N5
oRKhsq7vnSzsQISYTRXRfn/Lyeq+GkaEfpj7TJdsRFQJyo9lWlV+wMyL50oODAfF
g+y212kmQgDpxNGhWJQi7QKm61pS1G9A5saxICEIKptniLl56to=
=R5QN
-----END PGP SIGNATURE-----

News for package twitter-bootstrap3