1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES.DEVE

  • Accepted twitter-bootstrap3 3.4.1+dfsg-4 (source) into unstable

    From Debian FTP Masters@21:1/5 to All on Sun Apr 13 11:50:01 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Thu, 10 Apr 2025 23:47:00 +0200
    Source: twitter-bootstrap3
    Architecture: source
    Version: 3.4.1+dfsg-4
    Distribution: unstable
    Urgency: medium
    Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>
    Changed-By: Bastien Roucariès <rouca@debian.org>
    Closes: 1084060
    Changes:
    twitter-bootstrap3 (3.4.1+dfsg-4) unstable; urgency=medium
    .
    * Team upload
    * Fix CVE-2024-6485:
    A security vulnerability has been discovered in bootstrap
    that could enable Cross-Site Scripting (XSS) attacks.
    The vulnerability is associated with the data-loading-text
    attribute within the button plugin.
    This vulnerability can be exploited by injecting malicious
    JavaScript code into the attribute, which would then be
    executed when the button's loading state is triggered.
    (Closes: #1084060)
    * Fix CVE-2024-6484:
    A vulnerability has been identified in Bootstrap that
    exposes users to Cross-Site Scripting (XSS) attacks.
    The issue is present in the carousel component, where the
    data-slide and data-slide-to attributes can be exploited
    through the href attribute of an <a> tag due to inadequate
    sanitization. This vulnerability could potentially enable
    attackers to execute arbitrary JavaScript within
    the victim's browser.
    (Closes: #1084060)
    Checksums-Sha1:
    650067765f4c061b4dce67b84c8c542ceb0dae4d 2271 twitter-bootstrap3_3.4.1+dfsg-4.dsc
    0c1b1b026a103e470bb29f0d54445e44d2ab8f49 2011336 twitter-bootstrap3_3.4.1+dfsg.orig.tar.xz
    d7f58f390e6305902810fb4a09be21caba2ad892 54968 twitter-bootstrap3_3.4.1+dfsg-4.debian.tar.xz
    0e1e59b681cae129e7699fa4db0bbe3ae9bbeac9 7712 twitter-bootstrap3_3.4.1+dfsg-4_amd64.buildinfo
    Checksums-Sha256:
    06e387c9dcebadc4420daf00a6164646f723c6c248d96f41cdf9c954ff7dad89 2271 twitter-bootstrap3_3.4.1+dfsg-4.dsc
    9eb17937c62ff1133779bdca0b2ee62bfc3a8fc3348aef3b197e6020c9ce3528 2011336 twitter-bootstrap3_3.4.1+dfsg.orig.tar.xz
    abe4cc5ba5dc939a958c38f01b97f845eb824fdcad7bde098f832a37bd447f5d 54968 twitter-bootstrap3_3.4.1+dfsg-4.debian.tar.xz
    b6482d2a6bb1d6aaef878b913ef787b32f43bf61233475ef025de7d15c348ab3 7712 twitter-bootstrap3_3.4.1+dfsg-4_amd64.buildinfo
    Files:
    e5567c5a66d0a663ffa5cfc71099f05c 2271 javascript optional twitter-bootstrap3_3.4.1+dfsg-4.dsc
    504ddae4ecdda987cbe48168d176ab41 2011336 javascript optional twitter-bootstrap3_3.4.1+dfsg.orig.tar.xz
    510f8fb5061d9c42af8a978a8b858dce 54968 javascript optional twitter-bootstrap3_3.4.1+dfsg-4.debian.tar.xz
    8e66f1ab2bcdeaf6612f8bf958589d10 7712 javascript optional twitter-bootstrap3_3.4.1+dfsg-4_amd64.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmf7fCIACgkQADoaLapB CF936A/9FCyUNgyYjDQJMPBF2gz46UDQ/3zydoAZnhx9e21aZQuP1A/+c4J9iCVr UTFpiedwegyQ5X+zlAjNzhGRYW7J42eQVHBMYlgpZ8xEdyLcT2eygDRKk3PV0jn5 ncqY6jKNW+5B2eVzsobTi4Y3PQymXh35uaMwrTMWUgK6vh2ILAg8Lp3+4/Z6SRN9 dD2oL9MhgjqtXGXX6D27EsDk4I76Xdfttsk76x6ilkIN+IIJtFr5B5rZpmMeo+v5 v3LRRasvnU40orZFo1yigFY86UVa8q8VeEgp8nHjh0dN2B5g1RTyuvvvs4OTvAXV PLA2LUH0DLRsDQPs3HP7MDEcR48TOJDkQ+7afitJux3nXnOzB1GGDmZjwfj56Ljv yzzE1GPb9VtHLDyc95CD5CGW82PAJBObKOP8TDYy1g5Vcls3rNLs9VMBua15OqP7 VnXJVqbQxlmtB4+xIviiOOWbpEDfG9EZa84HTzUN/kNvHgLTBBrWkGI4486Pf4Kz YO3hGWZxy9ZAJhyArjCgT9E1LPe1R9j3qfQCDIqV7VJN7SN+HTtnYUrmyS347Ge3 3YD50iGKjlMKGc0s7AT7Cg2NQlz6Qi/k+9Ct+9JwzcTy8iQgoFhbCsc9Sd1+CDUR 0t1jgQkD8Ge5t83Z3NgZp6sAdzKI1E33ttGzypJbC+qNMHgaK8k=
    =enWZ
    -----END PGP SIGNATURE-----


    --==============T87228837430374989=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZ/uH8gAKCRCb9qggYcy5 IbkLAP9niZ/q1t9S7YSUCsrxLYOZqTx7bIWcNApAZp84t5cIvAEAhwjG1A8vZ6H7 1gtBJcVThQ/FcDLJyI8yYQdEpIXSFAA=AS1x
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)