Debian Bug report logs -
#927671
CVE-2016-10542
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>:
Bug#927671; Package node-ws.
(Sat, 20 Apr 2019 21:48:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>.
(Sat, 20 Apr 2019 21:48:03 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: node-ws
Severity: grave
Tags: security
Please see
https://nodesecurity.io/advisories/120
https://github.com/nodejs/node/issues/7388
Cheers,
Moritz
Marked as found in versions node-ws/1.1.0+ds1.e6ddaae4-3.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Sun, 21 Apr 2019 06:09:02 GMT) (full text, mbox, link).
Marked as found in versions node-ws/1.1.0+ds1.e6ddaae4-4.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Sun, 21 Apr 2019 06:09:04 GMT) (full text, mbox, link).
Added tag(s) upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Sun, 21 Apr 2019 06:09:06 GMT) (full text, mbox, link).
Message sent on
to Moritz Muehlenhoff <jmm@debian.org>:
Bug#927671.
(Sun, 21 Apr 2019 07:42:03 GMT) (full text, mbox, link).
Message #16 received at 927671-submitter@bugs.debian.org (full text, mbox, reply):
Control: tag -1 pending
Hello,
Bug #927671 in node-ws reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/js-team/node-ws/commit/80690bf1eca9fc007156a72bd659b2ce791daed2
------------------------------------------------------------------------
Add patch to fix upload size to a sane value (Closes: #927671, CVE-2016-10542)
------------------------------------------------------------------------
(this message was generated automatically)
--
Greetings
https://bugs.debian.org/927671
Added tag(s) pending.
Request was from Xavier Guimard <noreply@salsa.debian.org>
to 927671-submitter@bugs.debian.org.
(Sun, 21 Apr 2019 07:42:03 GMT) (full text, mbox, link).
Reply sent
to Xavier Guimard <yadd@debian.org>:
You have taken responsibility.
(Sun, 21 Apr 2019 07:51:08 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer.
(Sun, 21 Apr 2019 07:51:08 GMT) (full text, mbox, link).
Message #23 received at 927671-close@bugs.debian.org (full text, mbox, reply):
Source: node-ws
Source-Version: 1.1.0+ds1.e6ddaae4-5
We believe that the bug you reported is fixed in the latest version of
node-ws, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 927671@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Xavier Guimard <yadd@debian.org> (supplier of updated node-ws package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 21 Apr 2019 08:58:55 +0200
Source: node-ws
Architecture: source
Version: 1.1.0+ds1.e6ddaae4-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>
Changed-By: Xavier Guimard <yadd@debian.org>
Closes: 927671
Changes:
node-ws (1.1.0+ds1.e6ddaae4-5) unstable; urgency=medium
.
* Add upstream/metadata
* Declare compliance with policy 4.3.0
* Add patch to fix upload size to a sane value
(Closes: #927671, CVE-2016-10542)
Checksums-Sha1:
2d6e3bfa166bf17e18b5ca21430fb483f1326642 2224 node-ws_1.1.0+ds1.e6ddaae4-5.dsc
572afdd8534c3c30a8aeedb87f7e225226a39cbc 10704 node-ws_1.1.0+ds1.e6ddaae4-5.debian.tar.xz
Checksums-Sha256:
385ed125aa25a7fdc7477c565af22aafc0f1d53dc33b48c185607bc7d1cc96f6 2224 node-ws_1.1.0+ds1.e6ddaae4-5.dsc
cc4b8a4856e26c2484ac52290ff54714581e34a166667717a109193267540a86 10704 node-ws_1.1.0+ds1.e6ddaae4-5.debian.tar.xz
Files:
a130428286d4e68a7034c6108fbb3776 2224 javascript optional node-ws_1.1.0+ds1.e6ddaae4-5.dsc
5ef14c711387d44805f87cd32627b23c 10704 javascript optional node-ws_1.1.0+ds1.e6ddaae4-5.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEAN/li4tVV3nRAF7J9tdMp8mZ7ukFAly8HUwACgkQ9tdMp8mZ
7umn2A//YfP+ctoqY0qupi6436WEmoJmbkUzeonMDhc+VQpEBiKB4twUNk27VrDa
uhW1ABcEb7BOWqKu0mG1NIQXWTGOcx5SLIE0EO3mSGgXAygx1DPKF+8kEN/wTht5
20Xg3JcGj15VdaxE7M/Wy4NW3Q4VG5Lzy7tHBs4Z9ehN41E/EIyJtXXoVGK2bEFA
7rtEX3xRJMj3WkBdKfb2wwJPmlo4lJt52tcykCjDPh47ZKyKV3BR19w4HqpK5c8n
a75fN/0GJ0K2HFy/bIrDh7n79tIFVkRLdWCYxSxHa2lFVeuBSdcznKzRpsZdMjAf
jEROYBKxtyXveunsGWTtix1J4r/DBbMcpsK0KtIJUyph7XOcZTy/LIn+KGfXdoAK
lPMA6RxsSsePjV3RPpuGPsHZ9YVymMW6Lx2+SQ9V1JMlNX5KKQJLs/o4RiJMtN0d
6RedPxI37lREuQ7RbGh0BdyT8RO2xn0Qrh4FsYYxR0z6xUwK57zWSHkVineiD8rS
24ejph9JV+XHo7TDFKU/kkSC94AbUb3+H7eOVgl8FvfoGik22fUbgP7HhT7dB72q
aqp0rWkmGW2hZmgoYfBhTN4aFwil6mT1gRfZ4Ua2AvMlv0pS/wVDS20ZGghBfZwz
gwuFlCrELo46b8CGd3Dt03GKgO5xG4hAPLVr3O7p+/ZuQYqJTaE=
=W78Z
-----END PGP SIGNATURE-----
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 19:01:37 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon