Bug 19167

Summary: nodejs-minimatch new security issue CVE-2016-1000023
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Joseph Wang <joequant>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: mageia
Version: 5   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/696805/
Whiteboard:
Source RPM: nodejs-minimatch-3.0.0-1.mga6.src.rpm CVE:
Status comment:

Description David Walser 2016-08-09 20:36:30 CEST 
Upstream has issued an advisory on June 20:
https://nodesecurity.io/advisories/118

The issue is fixed upstream in 3.0.2.  Mageia 5 may also be affected.
Comment 1 Nicolas Lécureuil 2017-02-21 22:07:22 CET 
not valid on mga5 from what i saw.

Fixed on mga6

Status: NEW => RESOLVED
CC: (none) => mageia
Version: Cauldron => 5
Resolution: (none) => FIXED