Ubuntu
node-moment package

  1. Bug #1982617
  2. Comment #26

Comment 26 for bug 1982617

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package node-moment - 2.20.1+ds-1ubuntu0.1

---------------
node-moment (2.20.1+ds-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Path traversal (LP: #1982617)
    - debian/patches/CVE-2022-24785.patch: Avoid loading path-looking locales
      from filesystem.
    - CVE-2022-24785
  * SECURITY UPDATE: Denial of service via very long date string (LP: #1982617)
    - debian/patches/CVE-2022-31129.patch: Make a regular expression more
      efficient.
    - CVE-2022-31129
  * debian/control: Add a build dependency on libjs-qunit.
  * debian/rules: Add an override_dh_auto_test target that invokes
    debian/run_test_suite.
  * debian/run_test_suite: New file that invokes the upstream test suite.

 -- Luís Infante da Câmara <email address hidden> Fri, 22 Jul 2022 22:08:31 +0100