Pop-Up Thingie
Sidebar
Too Lazy BBS
Home
Forum
Files
Chat
Bulletins
Dark
Register
Log in
Username
Password
Who's Online
Recent Visitors
Daniel Garrod
Mon May 19 15:34:07 2025
from
Cambridge, Uk
via
Telnet
Codefenix
Mon May 19 10:50:26 2025
from
Canton, Oh
via
SSH
Guest
Mon May 19 10:33:33 2025
from
V
via
Telnet
Guest
Sun May 18 01:43:09 2025
from
n
via
SSH
System Info
Sysop:
Amessyroom
Location:
Fayetteville, NC
Users:
28
Nodes:
6 (
0
/
6
)
Uptime:
62:51:31
Calls:
425
Calls today:
3
Files:
1,025
Messages:
91,199
Posted today:
1
Sidebar
Forum
Usenet
LINUX.DEBIAN.BUGS.DIST
Bug#1105919: node-undici: CVE-2025-23167
From
Salvatore Bonaccorso
@21:1/5 to
All
on Sat May 17 12:00:01 2025
Source: node-undici
Version: 7.3.0+dfsg1+~cs24.12.11-1
Severity: important
Tags: security upstream
X-Debbugs-Cc:
carnil@debian.org
, Debian Security Team <
team@security.debian.org
>
Hi,
The following vulnerability was published for node-undici.
CVE-2025-23167[0]:
| Improper HTTP header block termination in llhttp
This is an issue from the latest node.js advisory affecting llhttp,
can you double check how it affects node-undici's embedded copy?
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0]
https://security-tracker.debian.org/tracker/CVE-2025-23167
https://www.cve.org/CVERecord?id=CVE-2025-23167
[1]
https://nodejs.org/en/blog/vulnerability/may-2025-security-releases#improper-http-header-block-termination-in-llhttp-cve-2025-23167---medium
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)