CESNET / pakiti-server

Pakiti provides a monitoring mechanism to check the patching status of Linux systems.
BSD 2-Clause "Simplified" License

Weird Ubuntu "esm" packages #154

Closed sbraz closed 5 years ago

sbraz commented 5 years ago

Hi, I noticed that one of my Ubuntu Xenial hosts is reported as vulnerable to CVE-2016-10540, CVE-2015-8860 and CVE-2017-1000381. Looking at the Ubuntu reports indicates that an esm version is required, but it's not the currently installed version (and it doesn't seem to be available in the standard repositories):

I don't understand why Ubuntu 14 would have ESM packages since it's still supported. Does this mean that the packages in the normal repositories are still vulnerable or is this a Pakiti bug?

sbraz commented 5 years ago

Apparently nodejs and friends are part of universe, which isn't fully supported. I guess this isn't a bug then…