1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted twitter-bootstrap4 4.6.1+dfsg1-4+deb12u1 (source) into propose

    From Debian FTP Masters@21:1/5 to All on Sat May 10 19:20:01 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Sun, 13 Apr 2025 13:42:02 +0200
    Source: twitter-bootstrap4
    Architecture: source
    Version: 4.6.1+dfsg1-4+deb12u1
    Distribution: bookworm
    Urgency: high
    Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>
    Changed-By: Bastien Roucariès <rouca@debian.org>
    Closes: 1084059
    Changes:
    twitter-bootstrap4 (4.6.1+dfsg1-4+deb12u1) bookworm; urgency=high
    .
    * Team upload
    * Fix CVE-2024-6531 (XSS vulnerability):
    An anchor element (<a>), when used for carousel navigation
    with a data-slide attribute, can contain an href attribute
    value that is not subject to proper content sanitization.
    Improper extraction of the intended target carouselΓÇÖs
    #id from the href attribute can lead to use cases where
    the click eventΓÇÖs preventDefault()
    is not applied and the href is evaluated and executed.
    As a result, restrictions are not applied to the data
    that is evaluated, which can lead to potential
    XSS vulnerabilities.
    (Closes: #1084059)
    Checksums-Sha1:
    f43b2ce6d4a5de6433ea3a35269fe7ab6eeb68fa 2380 twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1.dsc
    e98a1a8175e6450e984d87a197e3afc1aa8716f2 2329588 twitter-bootstrap4_4.6.1+dfsg1.orig.tar.xz
    f12c73346cde14a18c778d5835f181e74b92cefd 19672 twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1.debian.tar.xz
    064cc57c991ce4d062d4e495d2520a29ecb8fc1c 17329 twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1_amd64.buildinfo
    Checksums-Sha256:
    725b0f3ac95a87e69b3fe3d4c043ace8f6d0014987e227aaabbf7ddba3e74a43 2380 twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1.dsc
    a2fdd5c181d592deb7ea7b1676188978cc60ebf182d1e6c4d6c712e0c6eb8a54 2329588 twitter-bootstrap4_4.6.1+dfsg1.orig.tar.xz
    4453c6055268a3e94c836dce62c02561b0eb032ef8d11351a44ed1d34aba82ae 19672 twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1.debian.tar.xz
    011310609c1f578f47171eb00e4728e4564ecded3da1431b5cecdfe64cbbde33 17329 twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1_amd64.buildinfo
    Files:
    9e60f3f9f7f9f2d982f32ff0440aeaf0 2380 javascript optional twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1.dsc
    d0b7793db9e3976ce87f34dda946affa 2329588 javascript optional twitter-bootstrap4_4.6.1+dfsg1.orig.tar.xz
    cf73c18fed085535fc30958db2c3cbb6 19672 javascript optional twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1.debian.tar.xz
    f7bb803f3f5e21a1bd13fbbb0bff0219 17329 javascript optional twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1_amd64.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmgfd9IACgkQADoaLapB CF++1BAAqheasCgQUd4+RwYCLmn88lT9mCl3SrYiyINczxFmuGbFxmx2yO36Sw4S hEWPlQMcC0Gxpk5vwGN+0AnPSr3lufUOG8Q2BzRoA6gJ/3nwnSDbT7Lt72+OPYJn RmpIG6tGsVhjM4SwwW6BSpaCQ+QH8c87bktUC8PTytaLxotGSwDEXwafc8XwrWZK yLw6FQWawRcOlhoIvHtIvTZ8dP7nC5NP4RxAbNRT9qqP4/PtCfqC3WZh/q/ApzJ5 VyqLrqh3wCu5N9QN7WiryjRyJzqptRDE6TFzVyPheeoP6xf5YWo3vJ5esqEnqspN Ta1WiWA9OR06kQtV4Ad53oJJmQIENQkZ+alKBFITtEcwU1mhE9uo4l3dQxSQBRNQ YTX/L4IFzEOkuguP0vrrH3s/NrEhIYndMly/OySe08QA3AiGZbVSgll2CrQ181Md tcLwGmaYRDjK6EoB/Vo12h2Y1Y2+NX97/XTwPJGvw9Es1wAxuVM3PgEM0K4zRYp1 wZ7ymbpTfGgIOee+5s9WjVni55+k8qUvFQggZIfLPWcN5qVsMVADhrFedzwJskCq oRwYVdYXUC5Hd509uwIHDVWO1gP2FNJb0mIzzM3RtD+q9q7dV0Mh27gYn/3fUn4b xs/fY5lqcaBabZ2U6Hl5nR8vASi7dEQRI4I1O5n+UIabeHzXTks=
    =zLSJ
    -----END PGP SIGNATURE-----


    --==============å85367977582156185=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaB+KFwAKCRCb9qggYcy5 IXZmAQDMxGQwzZxxFOYiVg72Cn4uKBtzYuuzuwYAIibi4j9ifgD/di2BtueF9Cy8 Cxk3Yow5HDUz40Z47NbOTZxLFnJJMgU=jfVj
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)