Package: release.debian.org Severity: normal Tags: bullseye User: release.debian....@packages.debian.org Usertags: pu
[ Reason ] node-moment is vulnerable to path traversal (#1009327, CVE-2022-24785) [ Impact ] Medium vulnerability [ Tests ] No changes in test [ Risks ] Low risk, patch is trivial [ Checklist ] [X] *all* changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in (old)stable [X] the issue is verified as fixed in unstable [ Changes ] Just a new check to prevent names that look like filesystem paths Cheers, Yadd
