Fedora alert FEDORA-2015-a7cbc13699 (nodejs-handlebars)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 23 Update: nodejs-handlebars-4.0.5-1.fc23 | |
| Date: | Mon, 28 Dec 2015 23:05:38 +0000 (UTC) | |
| Message-ID: | <20151228230538.8BA51601CF86@bastion01.phx2.fedoraproject.org> |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-a7cbc13699 2015-12-28 19:20:02.185450 -------------------------------------------------------------------------------- Name : nodejs-handlebars Product : Fedora 23 Version : 4.0.5 Release : 1.fc23 URL : http://handlebarsjs.com/ Summary : Mustache extension for Node.js Description : Handlebars.js is an extension to the Mustache templating language created by Chris Wanstrath. Handlebars.js and Mustache are both logicless templating languages that keep the view and the code separated like we all know they should be. -------------------------------------------------------------------------------- Update Information: Security fix for nodejs-handlebars: mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291742 - mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection https://bugzilla.redhat.com/show_bug.cgi?id=1291742 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update nodejs-handlebars' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...