You are here
Home > Preporuke > Sigurnosni propust programskog paketa nodejs-handlebars

Sigurnosni propust programskog paketa nodejs-handlebars

——————————————————————————–
Fedora Update Notification
FEDORA-2015-8b6882339c
2015-12-28 19:19:48.670276
——————————————————————————–

Name : nodejs-handlebars
Product : Fedora 22
Version : 4.0.5
Release : 1.fc22
URL : http://handlebarsjs.com/
Summary : Mustache extension for Node.js
Description :
Handlebars.js is an extension to the Mustache templating language created by
Chris Wanstrath. Handlebars.js and Mustache are both logicless templating
languages that keep the view and the code separated like we all know they should
be.

——————————————————————————–
Update Information:

Security fix for nodejs-handlebars: mustache: handlebars: Quoteless Attributes
in Templates can lead to Content Injection —- New upstream release.
——————————————————————————–
References:

[ 1 ] Bug #1291742 – mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection
https://bugzilla.redhat.com/show_bug.cgi?id=1291742
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update nodejs-handlebars’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Sigurnosni propust programskog paketa activemq

Otkriven je sigurnosni propust u programskom paketu activemq za Fedoru. Propust je posljedica nesigurne deserijalizacije što može dovesti do otkrivanja...

Close