Package "libjs-moment"

Name:	libjs-moment
Description:	Work with dates in JavaScript (library)
Latest version:	2.20.1+ds-1ubuntu0.1
Release:	bionic (18.04)
Level:	security
Repository:	universe
Head package:	node-moment
Homepage:	https://github.com/moment/moment

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "libjs-moment"

All arch deb package

APT INSTALL

Other versions of "libjs-moment" in Bionic

Repository	Area	Version
base	universe	2.20.1+ds-1
updates	universe	2.20.1+ds-1ubuntu0.1

Changelog

Version: 2.20.1+ds-1ubuntu0.1 2022-08-10 14:06:17 UTC

node-moment (2.20.1+ds-1ubuntu0.1) bionic-security; urgency=medium * SECURITY UPDATE: Path traversal (LP: #1982617) - debian/patches/CVE-2022-24785.patch: Avoid loading path-looking locales from filesystem. - CVE-2022-24785 * SECURITY UPDATE: Denial of service via very long date string (LP: #1982617) - debian/patches/CVE-2022-31129.patch: Make a regular expression more efficient. - CVE-2022-31129 * debian/control: Add a build dependency on libjs-qunit. * debian/rules: Add an override_dh_auto_test target that invokes debian/run_test_suite. * debian/run_test_suite: New file that invokes the upstream test suite. -- Luís Infante da Câmara <email address hidden> Fri, 22 Jul 2022 22:08:31 +0100

1982617	Versions in Bionic, Focal and Jammy are vulnerable to CVE-2022-24785 and CVE-2022-31129
CVE-2022-24785	Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (serve
CVE-2022-31129	moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an ine

About - Send Feedback to @ubuntu_updates

Package "libjs-moment"

Links

Download "libjs-moment"

Other versions of "libjs-moment" in Bionic

Changelog

Share this page

Bookmarks

Latest updates

security

PPA updates