* SECURITY UPDATE: Path traversal (LP: #1982617)
- debian/patches/CVE-2022-24785.patch: Avoid loading path-looking locales
from filesystem.
- CVE-2022-24785
* SECURITY UPDATE: Denial of service via very long date string (LP: #1982617)
- debian/patches/CVE-2022-31129.patch: Make a regular expression more
efficient.
- CVE-2022-31129
* debian/changelog: Add build dependency on libjs-qunit.
* debian/source/lintian-overrides: Remove, because all overrides are unused
or mismatched.
* debian/tests/control: Add dependency on libjs-qunit.
* debian/tests/pkg-js/test: Do a complete test.
-- Luís Infante da Câmara <email address hidden> Thu, 04 Aug 2022 09:27:56 +0100
This bug was fixed in the package node-moment - 2.29.1+ ds-3ubuntu0. 2
--------------- ds-3ubuntu0. 2) jammy-security; urgency=medium
node-moment (2.29.1+
* SECURITY UPDATE: Path traversal (LP: #1982617) patches/ CVE-2022- 24785.patch: Avoid loading path-looking locales patches/ CVE-2022- 31129.patch: Make a regular expression more source/ lintian- overrides: Remove, because all overrides are unused tests/control: Add dependency on libjs-qunit. tests/pkg- js/test: Do a complete test.
- debian/
from filesystem.
- CVE-2022-24785
* SECURITY UPDATE: Denial of service via very long date string (LP: #1982617)
- debian/
efficient.
- CVE-2022-31129
* debian/changelog: Add build dependency on libjs-qunit.
* debian/
or mismatched.
* debian/
* debian/
-- Luís Infante da Câmara <email address hidden> Thu, 04 Aug 2022 09:27:56 +0100