Register | Log in

node-babel7

Babel compiler for writing next generation JavaScript

Choose email to subscribe with

general

source: node-babel7 (main)
version: 7.20.15+ds1+~cs214.269.168-17
maintainer: Debian Javascript Maintainers (archive) (DMD)
uploaders: Pirate Praveen [DMD]
arch: all
std-ver: 4.7.4
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 7.12.12+~cs150.141.84-6+deb11u1
o-o-sec: 7.12.12+~cs150.141.84-6+deb11u1
oldstable: 7.20.15+ds1+~cs214.269.168-3+deb12u2
old-sec: 7.20.15+ds1+~cs214.269.168-3+deb12u1
stable: 7.20.15+ds1+~cs214.269.168-8
testing: 7.20.15+ds1+~cs214.269.168-17
unstable: 7.20.15+ds1+~cs214.269.168-17

versioned links

7.12.12+~cs150.141.84-6+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7.20.15+ds1+~cs214.269.168-3+deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7.20.15+ds1+~cs214.269.168-3+deb12u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7.20.15+ds1+~cs214.269.168-8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7.20.15+ds1+~cs214.269.168-17: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

node-babel7 (1 bugs: 0, 1, 0, 0)
node-babel7-debug
node-babel7-runtime
node-babel7-standalone

action needed

A new upstream version is available: 8.0.3+~cs214.331.170 high

A new upstream version 8.0.3+~cs214.331.170 is available, you should consider packaging it.

Created: 2026-05-02 Last update: 2026-06-29 19:03

2 security issues in trixie high

There are 2 open security issues in trixie.

1 important issue:

CVE-2026-49356: Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is running Babel, if the attacker controls the input source code, can read the output source code, and knows the path of the source map file that they want to read. This vulnerability is fixed in 8.0.0-rc.6 and 7.29.6.

1 issue left for the package maintainer to handle:

CVE-2026-44728: (needs triaging) Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and 8.0.0-alpha.13.

You can find information about how to handle this issue in the security team's documentation.

Created: 2026-06-02 Last update: 2026-06-27 00:18

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2026-44728: Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and 8.0.0-alpha.13.
CVE-2026-49356: Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is running Babel, if the attacker controls the input source code, can read the output source code, and knows the path of the source map file that they want to read. This vulnerability is fixed in 8.0.0-rc.6 and 7.29.6.

Created: 2026-06-02 Last update: 2026-06-27 00:18

2 security issues in forky high

There are 2 open security issues in forky.

2 important issues:

CVE-2026-44728: Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and 8.0.0-alpha.13.
CVE-2026-49356: Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is running Babel, if the attacker controls the input source code, can read the output source code, and knows the path of the source map file that they want to read. This vulnerability is fixed in 8.0.0-rc.6 and 7.29.6.

Created: 2026-06-02 Last update: 2026-06-27 00:18

2 security issues in bullseye high

There are 2 open security issues in bullseye.

2 important issues:

CVE-2026-44728: Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and 8.0.0-alpha.13.
CVE-2026-49356: Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is running Babel, if the attacker controls the input source code, can read the output source code, and knows the path of the source map file that they want to read. This vulnerability is fixed in 8.0.0-rc.6 and 7.29.6.

Created: 2026-06-02 Last update: 2026-06-27 00:18

2 security issues in bookworm high

There are 2 open security issues in bookworm.

2 important issues:

CVE-2026-44728: Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and 8.0.0-alpha.13.
CVE-2026-49356: Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is running Babel, if the attacker controls the input source code, can read the output source code, and knows the path of the source map file that they want to read. This vulnerability is fixed in 8.0.0-rc.6 and 7.29.6.

Created: 2026-06-02 Last update: 2026-06-27 00:18

1 new commit since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 74356978080c2778362042c568087c0fa4f5ebb4
Author: Xavier Guimard <yadd@debian.org>
Date:   Sun Jun 28 18:29:11 2026 +0200

    debian/watch version 5

Created: 2026-06-28 Last update: 2026-06-28 18:02

lintian reports 27 warnings normal

Lintian reports 27 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2026-05-03 Last update: 2026-05-03 00:31

debian/patches: 6 patches to forward upstream low

Among the 25 debian patches available in version 7.20.15+ds1+~cs214.269.168-17 of the package, we noticed the following issues:

6 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2026-05-03 00:00

news

[2026-05-15] node-babel7 7.20.15+ds1+~cs214.269.168-17 MIGRATED to testing (Debian testing watch)
[2026-05-02] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-17 (source) into unstable (Xavier Guimard)
[2026-04-06] node-babel7 7.20.15+ds1+~cs214.269.168-16 MIGRATED to testing (Debian testing watch)
[2026-03-29] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-16 (source) into unstable (Xavier Guimard)
[2026-03-28] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-15 (source all) into unstable (Xavier Guimard)
[2026-03-13] node-babel7 7.20.15+ds1+~cs214.269.168-14 MIGRATED to testing (Debian testing watch)
[2026-03-08] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-14 (source) into unstable (Jérémy Lal)
[2026-03-05] node-babel7 7.20.15+ds1+~cs214.269.168-13 MIGRATED to testing (Debian testing watch)
[2026-02-28] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-13 (source) into unstable (Bastien Roucariès) (signed by: Bastien ROUCARIÈS)
[2026-02-23] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-12 (source) into unstable (Santiago Vila)
[2025-12-18] node-babel7 7.20.15+ds1+~cs214.269.168-11 MIGRATED to testing (Debian testing watch)
[2025-12-11] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-11 (source) into unstable (Bastien Roucariès) (signed by: Bastien ROUCARIÈS)
[2025-12-05] node-babel7 7.20.15+ds1+~cs214.269.168-10 MIGRATED to testing (Debian testing watch)
[2025-11-29] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-10 (source) into unstable (Jérémy Lal)
[2025-11-02] node-babel7 7.20.15+ds1+~cs214.269.168-9 MIGRATED to testing (Debian testing watch)
[2025-10-28] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-9 (source) into unstable (Bastien Roucariès) (signed by: Bastien ROUCARIÈS)
[2025-02-19] node-babel7 7.20.15+ds1+~cs214.269.168-8 MIGRATED to testing (Debian testing watch)
[2025-02-14] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-8 (source) into unstable (Jérémy Lal)
[2024-08-12] node-babel7 7.20.15+ds1+~cs214.269.168-7 MIGRATED to testing (Debian testing watch)
[2024-08-06] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-7 (source) into unstable (Bastien Roucariès) (signed by: Bastien ROUCARIÈS)
[2024-06-16] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-3+deb12u2 (source) into proposed-updates (Debian FTP Masters) (signed by: Jérémy Lal)
[2023-12-17] node-babel7 7.20.15+ds1+~cs214.269.168-6 MIGRATED to testing (Debian testing watch)
[2023-12-12] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-6 (source) into unstable (Jérémy Lal)
[2023-10-28] Accepted node-babel7 7.12.12+~cs150.141.84-6+deb11u1 (source all) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Xavier Guimard)
[2023-10-28] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-3+deb12u1 (source all) into proposed-updates (Debian FTP Masters) (signed by: Xavier Guimard)
[2023-10-19] node-babel7 7.20.15+ds1+~cs214.269.168-5 MIGRATED to testing (Debian testing watch)
[2023-10-16] Accepted node-babel7 7.12.12+~cs150.141.84-6+deb11u1 (source all) into oldstable-security (Debian FTP Masters) (signed by: Xavier Guimard)
[2023-10-16] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-3+deb12u1 (source all) into stable-security (Debian FTP Masters) (signed by: Xavier Guimard)
[2023-10-13] Accepted node-babel7 7.20.15+ds1+~cs214.269.168-5 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2023-06-18] node-babel7 7.20.15+ds1+~cs214.269.168-4 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 4
RC: 0
I&N: 4
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 27)
buildd: logs, reproducibility
popcon
browse source code
other distros
security tracker
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 7.20.15+ds1+~cs214.269.168-17build1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing