-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 01 Mar 2023 13:47:23 +0000 Source: node-css-what Architecture: source Version: 4.0.0-3+deb11u1 Distribution: bullseye Urgency: medium Maintainer: Debian Javascript Maintainers Changed-By: Bastien Roucariès Closes: 989264 1032188 Changes: node-css-what (4.0.0-3+deb11u1) bullseye; urgency=medium . * Team upload * node-css-what was vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr variable. The exploitation of this vulnerability could be triggered via the parse function. Fix CVE-2022-21222, CVE-2021-33587 (Closes: #989264, #1032188) Checksums-Sha1: ee1cda7e61aa937e78c920f00be1957ebf98cb4c 2098 node-css-what_4.0.0-3+deb11u1.dsc a9cab0e5876e7e7eef3ccc012a8578b7bbb661e4 5040 node-css-what_4.0.0-3+deb11u1.debian.tar.xz Checksums-Sha256: 0aba783de9d19aef86edd8cde33aa90a0e1f3f6a820fa2dc4d1f30d9a70e5f77 2098 node-css-what_4.0.0-3+deb11u1.dsc 63b4eab8283cdbef45d1df6f3613e67beb9fd7cd24b9e0ecd35875d10a6c140c 5040 node-css-what_4.0.0-3+deb11u1.debian.tar.xz Files: 9d48180a034cb56ff4a934117e018dc4 2098 javascript optional node-css-what_4.0.0-3+deb11u1.dsc 4a615056e8221329037245a93480c9a5 5040 javascript optional node-css-what_4.0.0-3+deb11u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEAN/li4tVV3nRAF7J9tdMp8mZ7ukFAmR3GzoACgkQ9tdMp8mZ 7ulN4Q//by2Suhmprjf54NemJkkVErXxuX6W8Od6pTsUKXVMF3hcaBK52bDbAqhS 0bCcZO4NG/TUXpp5fD9dk7fa2h9lU5qajg9xOuPAz9uSLJWrcRH9VZ9baDIj77yf NPcfsp6tJwY2/+i7+sA4O+SC+UlftBUPfI1EqDwUcWcZ4/lfbFCheTog6I87GPx2 S/PMEgWh9MqyT1RcyHxyIRjtrYRtPm2MyDKvB/LknOXNRpjIgbORy7SsoDa2PrQV k/utGlmx8J2cW7GSzqjuL6qm9mUOWWIIHIuRygKV6ZJQVKkZa2AEFY2wKWELWAEk oQJrktWncKKRbMKXC1JsDq3HSH0jDGRYInK9L75zGvwViYcp1zLYPo+YdePul9Rc a6s/ppl2Uk64k+iLZt8hYAbb33cAQVA30qi/flt2OeSSN6l15mPF6LRaHjTppHZf mw/GdZfcV39BPBqo6Wk9JWCAJ7svt8Hz/omIN4PCMwdXlpsOwaVMXTt9dR1uFYYR +q3sk5C3zaVvcdOhRwqtXb65PFVtlKs53l1BwB9/4WX6dIPJrEi99kcYFQbETiG6 UBYKXyeLkGLeowacsP5uRGQzbU3PYMzalcnYrjP6kCS2ffBQywQM/pgrf001JE9s t5ucBKD4N624n4+Nbg4g/xC8sVGAllxWeBldfQfoqaeK4JxAiXY= =x2ti -----END PGP SIGNATURE-----