Package "libjs-moment"

Name:	libjs-moment
Description:	Work with dates in JavaScript (library)
Latest version:	2.24.0+ds-2ubuntu0.1
Release:	focal (20.04)
Level:	security
Repository:	universe
Head package:	node-moment
Homepage:	https://github.com/moment/moment

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "libjs-moment"

All arch deb package

APT INSTALL

Other versions of "libjs-moment" in Focal

Repository	Area	Version
base	universe	2.24.0+ds-2
updates	universe	2.24.0+ds-2ubuntu0.1

Changelog

Version: 2.24.0+ds-2ubuntu0.1 2022-08-10 14:06:19 UTC

node-moment (2.24.0+ds-2ubuntu0.1) focal-security; urgency=medium * SECURITY UPDATE: Path traversal (LP: #1982617) - debian/patches/CVE-2022-24785.patch: Avoid loading path-looking locales from filesystem. - CVE-2022-24785 * SECURITY UPDATE: Denial of service via very long date string (LP: #1982617) - debian/patches/CVE-2022-31129.patch: Make a regular expression more efficient. - CVE-2022-31129 * debian/control: Add build dependency on libjs-qunit. * debian/tests/pkg-js/test: New file that invokes the upstream test suite. This addresses the Lintian warnings. -- Luís Infante da Câmara <email address hidden> Thu, 04 Aug 2022 07:50:50 +0100

1982617	Versions in Bionic, Focal and Jammy are vulnerable to CVE-2022-24785 and CVE-2022-31129
CVE-2022-24785	Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (serve
CVE-2022-31129	moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an ine

About - Send Feedback to @ubuntu_updates

Package "libjs-moment"

Links

Download "libjs-moment"

Other versions of "libjs-moment" in Focal

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

PPA updates