[SECURITY] Fedora 23 Update: nodejs-handlebars-4.0.5-1.fc23

updates at fedoraproject.org updates at fedoraproject.org
Mon Dec 28 23:05:38 UTC 2015


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-a7cbc13699
2015-12-28 19:20:02.185450
--------------------------------------------------------------------------------

Name        : nodejs-handlebars
Product     : Fedora 23
Version     : 4.0.5
Release     : 1.fc23
URL         : http://handlebarsjs.com/
Summary     : Mustache extension for Node.js
Description :
Handlebars.js is an extension to the Mustache templating language created by
Chris Wanstrath. Handlebars.js and Mustache are both logicless templating
languages that keep the view and the code separated like we all know they should
be.

--------------------------------------------------------------------------------
Update Information:

Security fix for nodejs-handlebars: mustache: handlebars: Quoteless Attributes
in Templates can lead to Content Injection
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1291742 - mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection
        https://bugzilla.redhat.com/show_bug.cgi?id=1291742
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update nodejs-handlebars' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list