node-lodash - Debian Package Tracker

general

source: node-lodash (main)
version: 4.17.21+dfsg+~cs8.31.189.20210220-2
maintainer: Debian Javascript Maintainers (archive) (DMD)
uploaders: Matthew Pideil [DMD] – Pirate Praveen [DMD] – Valentin OVD [DMD]
arch: all
std-ver: 4.5.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 4.16.6+dfsg-2
oldstable: 4.17.11+dfsg-2+deb10u1
old-bpo: 4.17.20+dfsg+~cs8.31.170-1~bpo10+1
stable: 4.17.21+dfsg+~cs8.31.173-1
testing: 4.17.21+dfsg+~cs8.31.189.20210220-2
unstable: 4.17.21+dfsg+~cs8.31.189.20210220-2

versioned links

4.16.6+dfsg-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.17.11+dfsg-2+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.17.20+dfsg+~cs8.31.170-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.17.21+dfsg+~cs8.31.173-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.17.21+dfsg+~cs8.31.189.20210220-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libjs-lodash
node-lodash
node-lodash-packages

action needed

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

unknown ctype nodejs

Created: 2021-08-25 Last update: 2021-09-22 01:38

Multiarch hinter reports 2 issue(s) normal

There are issues with the multiarch metadata for this package.

node-lodash could have its dependency on nodejs annotated with :any
node-lodash-packages could have its dependency on nodejs annotated with :any

Created: 2021-09-18 Last update: 2021-09-21 22:41

lintian reports 297 warnings normal

Lintian reports 297 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-09-06 Last update: 2021-09-06 18:34

3 low-priority security issues in buster low

There are 3 open security issues in buster.

3 issues left for the package maintainer to handle:

CVE-2020-28500: (needs triaging) Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
CVE-2020-8203: (needs triaging) Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.
CVE-2021-23337: (needs triaging) Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2021-08-21 05:07

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.0 instead of 4.5.1).

Created: 2021-08-18 Last update: 2021-08-18 14:03

news

[rss feed]

[2021-08-21] node-lodash 4.17.21+dfsg+~cs8.31.189.20210220-2 MIGRATED to testing (Debian testing watch)
[2021-08-15] Accepted node-lodash 4.17.21+dfsg+~cs8.31.189.20210220-2 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2021-04-20] Accepted node-lodash 4.17.21+dfsg+~cs8.31.189.20210220-1 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2021-03-18] node-lodash 4.17.21+dfsg+~cs8.31.173-1 MIGRATED to testing (Debian testing watch)
[2021-03-13] Accepted node-lodash 4.17.21+dfsg+~cs8.31.173-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2021-01-12] node-lodash 4.17.20+dfsg+~cs8.31.172-1 MIGRATED to testing (Debian testing watch)
[2021-01-09] Accepted node-lodash 4.17.20+dfsg+~cs8.31.170-1~bpo10+1 (source all) into buster-backports (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2021-01-07] Accepted node-lodash 4.17.20+dfsg+~cs8.31.172-1 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-11-22] node-lodash 4.17.20+dfsg+~cs8.31.170-1 MIGRATED to testing (Debian testing watch)
[2020-11-17] Accepted node-lodash 4.17.20+dfsg+~cs8.31.170-1 (source) into unstable (Xavier Guimard)
[2020-10-19] node-lodash 4.17.20+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-10-14] Accepted node-lodash 4.17.20+dfsg-1 (source) into unstable (Xavier Guimard)
[2020-08-02] node-lodash 4.17.19+dfsg1-1 MIGRATED to testing (Debian testing watch)
[2020-07-28] Accepted node-lodash 4.17.19+dfsg1-1 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-07-19] Accepted node-lodash 4.17.19+dfsg-1 (source) into unstable (Xavier Guimard)
[2020-03-08] Accepted node-lodash 4.17.15+dfsg-2~bpo10+1 (source all) into buster-backports (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2020-02-04] node-lodash 4.17.15+dfsg-2 MIGRATED to testing (Debian testing watch)
[2020-01-30] Accepted node-lodash 4.17.15+dfsg-2 (source) into unstable (Xavier Guimard)
[2019-09-27] node-lodash 4.17.15+dfsg-1 MIGRATED to testing (Debian testing watch)
[2019-09-05] Accepted node-lodash 4.17.11+dfsg-4~bpo10+1 (source all) into buster-backports, buster-backports (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2019-08-25] Accepted node-lodash 4.17.11+dfsg-2+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Xavier Guimard)
[2019-08-13] Accepted node-lodash 4.17.15+dfsg-1 (source) into unstable (Xavier Guimard)
[2019-08-07] node-lodash 4.17.11+dfsg-4 MIGRATED to testing (Debian testing watch)
[2019-08-05] Accepted node-lodash 4.17.11+dfsg-4 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2019-06-27] Accepted node-lodash 4.17.11+dfsg-3 (source all) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2019-02-28] node-lodash 4.17.11+dfsg-2 MIGRATED to testing (Debian testing watch)
[2019-02-18] Accepted node-lodash 4.17.11+dfsg-2 (source all) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2018-09-23] node-lodash 4.17.11+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-09-21] Accepted node-lodash 4.17.11+dfsg-1 (source all) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2017-08-28] node-lodash 4.17.4+dfsg-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 0

links

homepage
lintian (0, 297)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4.17.21+dfsg+~cs8.31.173-1
1 bug