node-cached-path-relative spu

author: Moritz Mühlenhoff <jmm@debian.org> 2022-01-31 20:55:30 +0100
committer: Moritz Mühlenhoff <jmm@debian.org> 2022-01-31 20:56:00 +0100
commit: 510ca001eadc19886e1cdcb8c42bf9777d993acc (patch)
tree: 6d7f02913bd543254dae57d7374a6d57637d73fe /data
parent: e6c9db17ce5f24e19bfddb8bb98eff69bb3161bd (diff)
2 files changed, 4 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 57878421dd..d06fb2786f 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -67902,6 +67902,8 @@ CVE-2021-23519
 	RESERVED
 CVE-2021-23518 (The package cached-path-relative before 1.1.0 are vulnerable to Protot ...)
 	- node-cached-path-relative 1.1.0+~1.0.0-1 (bug #1004338)
+	[bullseye] - node-cached-path-relative <no-dsa> (Minor issue)
+	[buster] - node-cached-path-relative <no-dsa> (Minor issue)
 	NOTE: https://github.com/ashaffer/cached-path-relative/commit/40c73bf70c58add5aec7d11e4f36b93d144bb760
 	NOTE: results from incomplete fix for https://security.snyk.io/vuln/SNYK-JS-CACHEDPATHRELATIVE-72573
 	NOTE: which was CVE-2018-16472.
diff --git a/data/next-point-update.txt b/data/next-point-update.txt
index 00e55cd88b..1d27eccf0d 100644
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -48,3 +48,5 @@ CVE-2022-0235
 	[bullseye] - node-fetch 2.6.1-5+deb11u1
 CVE-2021-40516
 	[bullseye] - weechat 3.0-1+deb11u1
+CVE-2021-23518
+	[bullseye] - node-cached-path-relative 1.0.2-1+deb11u1
author	Moritz Mühlenhoff <jmm@debian.org>	2022-01-31 20:55:30 +0100
committer	Moritz Mühlenhoff <jmm@debian.org>	2022-01-31 20:56:00 +0100
commit	510ca001eadc19886e1cdcb8c42bf9777d993acc (patch)
tree	6d7f02913bd543254dae57d7374a6d57637d73fe /data
parent	e6c9db17ce5f24e19bfddb8bb98eff69bb3161bd (diff)