stable

yarnpkg-1.22.19-3.fc36

FEDORA-2023-18fd476362 created by smani a year ago for Fedora 36

Add patches for CVE-2021-43138, CVE-2022-3517, CVE-2020-7677

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2023-18fd476362

This update has been submitted for testing by smani.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
approved
a year ago
BZ#2127008 CVE-2021-43138 yarnpkg: async: Prototype Pollution in async [fedora-all]
0
0
BZ#2127351 CVE-2020-7677 yarnpkg: thenify: Arbitrary Code Execution in thenify [fedora-all]
0
0
BZ#2135472 CVE-2022-3517 yarnpkg: nodejs-minimatch: ReDoS via the braceExpand function [fedora-all]
0
0

Automated Test Results