Control: tags -1 + confirmed On Mon, 2022-04-11 at 16:17 +0200, Yadd wrote: > On 24/03/2022 15:12, Moritz Mühlenhoff wrote: > > Am Wed, Mar 23, 2022 at 02:25:26PM +0100 schrieb Yadd: > > > Package: release.debian.org > > > Severity: normal > > > Tags: bullseye > > > User: release.debian....@packages.debian.org > > > Usertags: pu > > > > > > [ Reason ] > > > node-url-parse is vulnerable to an authorization Bypass Through > > > User-Controlled (CVE-2022-0686). > > > > If we're doing an update, we could also include a fix for CVE-2022- > > 0691? > > > > Cheers, > > Moritz > > Hi, > > done, here is the new debdiff (including new test) >
Please go ahead. Regards, Adam
