Nixpkgs: Vulnerability roundup 57: libsass-3.5.5: 1 advisory

Created on 27 Dec 2018  路  4Comments  路  Source: NixOS/nixpkgs

search, files

  • [ ] [CVE-2018-19797](https://nvd.nist.gov/vuln/detail/CVE-2018-19797) (nixos-unstable)

Scanned versions: nixos-unstable: 44b02b52ea6. May contain false positives.

security
Source
picture ckauhaus

Most helpful comment

  1. There is no new libsass release past 3.5.5.
  2. The only available patch is https://github.com/sass/libsass/pull/2780 and it does not apply to 3.5.5
  3. I have asked upstream for a backport.
picture rasendubi on 28 Dec 2018
👍3

All 4 comments

  1. There is no new libsass release past 3.5.5.
  2. The only available patch is https://github.com/sass/libsass/pull/2780 and it does not apply to 3.5.5
  3. I have asked upstream for a backport.
rasendubi picture rasendubi on 28 Dec 2018
👍3

https://github.com/sass/libsass/pull/2780#issuecomment-450313235

There are no plans for a new 3.5 release at this time.

rasendubi picture rasendubi on 29 Dec 2018

nixos-19.09 has libsass-3.6.1 which is not listed as vulnerable in the CVE. Can we close this ticket now?

dsg22 picture dsg22 on 13 Nov 2019

yes

ckauhaus picture ckauhaus on 19 Nov 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

teto picture teto  路  3Comments
tomberek picture tomberek  路  3Comments
ob7 picture ob7  路  3Comments
edolstra picture edolstra  路  3Comments
copumpkin picture copumpkin  路  3Comments