• [SECURITY] [DSA 4789-1] codemirror-js security update

    From Sebastien Delafond@21:1/5 to All on Thu Nov 12 10:10:02 2020
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4789-1 security@debian.org https://www.debian.org/security/ Sebastien Delafond November 12, 2020 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : codemirror-js
    CVE ID : CVE-2020-7760

    It was discovered that codemirror, a browser-based text editor
    implemented in JavaScript, was vulnerable to regular expression denial-of-service.

    For the stable distribution (buster), this problem has been fixed in
    version 5.43.0-1+deb10u1.

    We recommend that you upgrade your codemirror-js packages.

    For the detailed security status of codemirror-js please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/codemirror-js

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAl+s4JYACgkQEL6Jg/PV nWRV8Qf+NJ+kRDqWLNVxDghRi7adRYolBtjybDCdj8XALH2phRJwpMr6brXzRiKM Phj8t7soLRcLb+YG4lLfB1xd1dEqiuLwjNwWCjNpJAvMU7zWuqFpjVOWfVmH0vFg iiRsGeYqt6QfV52eDk6QcLx+CwKJqA4RDcwdoxe1jb7yH/i3glf2sPetfQfZTtyd myG40AV6EdFlSqPHCj89Kqbo2u+a9FFr0hodshEz/4wRa0yIUm8GVzRh6BPWN/hn fMp3PPRq0eXaErvChJpnviSqDHB0A3xoKo8VjVG6EDwoI7aNfjHrL+z/VEZxppdV YUHw0CVN6h5APoUiKlDdcD6/p3ASOw==
    =XlO6
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)