Xavier Guimard
2019-10-03 19:10:02 UTC
Reply
PermalinkSeverity: normal
Tags: buster
User: ***@packages.debian.org
Usertags: pu
Hi,
node-yarnpkg is vulnerable: it exports auth data in http requests
(#941354, CVE-2019-5448). This patch imports upstream fix.
Cheers,
Xavier