Debian Security Advisory 5790-1

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5790-1                   [email protected]://www.debian.org/security/                       Moritz MuehlenhoffOctober 13, 2024                      https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : node-dompurifyCVE ID         : CVE-2024-47875It was discovered that DOMPurify, a sanitizer for HTML, MathML and SVG wassusceptible to nesting-based mXSS.For the stable distribution (bookworm), this problem has been fixed inversion 2.4.1+dfsg+~2.4.0-2.We recommend that you upgrade your node-dompurify packages.For the detailed security status of node-dompurify please refer toits security tracker page at:https://security-tracker.debian.org/tracker/node-dompurifyFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmcMCGEACgkQEMKTtsN8TjZW5g//Uc2ZeYTX4O8kHZ9IHHL7v9n6pxPG9MLYgiMt11YSs5k6qVT20NvqfWWyN9ZNQkBCtYpKRO3wym5AcfR9UsZxVh3AlT8Q+Y7lHBYxiaQw82ygNQT2nAU32wBSMHnZvjHEAdH/iZWeR2VROVHjwR7bU9cbzc2/dVt1W7WJTLPY8lAqAAJ5D4/6Nlcb1JMwupP1XIW26gSYBGx+RXuKitSr1jKBoraDtAGUtpZQMP7JwKXt+WSLe4mStXwQmQhMkmNd28sonJVAEl/EjvZq1KuEONlj5doPMtMC9eU7HBtXu6b2JoPVyO6FZnx76lMqT+JV9VIqj1MfJofLSv4kT8PfM18KaNHBqtiR370D0q6gxfQxIibvu4WXPmG8CNw/ew4LRwswQMQPSscEGdo8jz3WKhKnLMB6HRWg0m9LMJXQcmNLPiAS8NIcOSDtK8sQC8ODIjR1lYzetnu7Y6o69KWdreFVlHgaWqROfBtxmQ0cf4vBQchZd3cCRsFHtPQ2xsNsbIQoJhst2XzJsNVlgcB78qMiKfc7fsZh7/Uy0oq2jclSA1nWQUoszFblTVCn44fLIS97bn2WggiAqUymBBSyAGeZp//6CuoYik62ARHW5tYXvsa1oq9/d/I5RcBMbNHn2VNyxmzpnkbaFFYS/Sz86ihL17Ao7IOD8ssvaHzGeTw==lKMx-----END PGP SIGNATURE-----