request #39674 Ignore node-gettext CVE-2024-21528

Artifact

Infos

Artifact ID#39674

Submitted byThomas Gerbet (tgerbet)

Last Modified On2024-09-13 10:05

Submitted on2024-09-12 16:15

Rank41301

Details

Summary *

Ignore node-gettext CVE-2024-21528

Original Submission

Advisory: https://security.snyk.io/vuln/SNYK-JS-NODEGETTEXT-6100943

We are not impacted in our context but there are no fixed version. We probably should integrate the part of node-gettext we need into @tuleap/gettext as it is appears to be abandoned upstream.

CategoryEmpty

Reported in versionEmpty

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toThomas Gerbet (tgerbet)

StatusClosed

Close date2024-09-13

Attachments

Connected artifacts

Artifact links

Releases

Fixed in

	Artifact ID	Project	Tracker	Summary	Status	Last Update Date	Submitted By	Assigned to
	rel #37898	Tuleap	Releases	16.0	Delivered	2024-10-09 15:47	Manuel Vacelet (vaceletm)

Reverse artifact links

Empty

AttachmentsEmpty

References

Cross references

Referencing request #39674

Git commit

tuleap/tuleap/stable

chore: request #39674 Ignore node-gettext CVE-2024-21528 1c68575d82

Thomas Gerbet (tgerbet) , 2024-09-12 16:18

Merge commit 'refs/changes/05/31905/1' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD 88a87265cd

Nicolas Terray (nterray) , 2024-09-13 10:04

Show items referenced by request #39674

Referenced by request #39674

Artifact Tracker v5

rel #37898 16.0

Other

gerrit #31905

Follow-ups

Nicolas Terray (nterray)

2024-09-13 10:05

Status changed from Under review to Closed
Connected artifacts
- Added Fixed in: rel #37898
Close date set to 2024-09-13

Thomas Gerbet (tgerbet)

2024-09-12 16:19

See gerrit #31905.

Status changed from Under implementation to Under review

Public