Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 754
Alerts This Week
Warning Icon 1 754

Fedora 22: Security Update For Nodejs-Handlebars - Content Injection Risk

fedora
Calendar Grey December 28, 2015
Dist Fedora Esm H88
Patch implemented for nodejs-handlebars to mitigate risks associated with Quoteless Attributes within templates, effectively reducing the potential for Content Injection vulnerabilities.
Security fix for nodejs-handlebars: mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection ---- New upstream release.

Summary

Handlebars.js is an extension to the Mustache templating language created by

Chris Wanstrath. Handlebars.js and Mustache are both logicless templating

languages that keep the view and the code separated like we all know they should

be.

Update Information:

Security fix for nodejs-handlebars: mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection ---- New upstream release.

Change Log

References


[ 1 ] Bug #1291742 - mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection https://bugzilla.redhat.com/show_bug.cgi?id=1291742

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update nodejs-handlebars' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: nodejs-handlebarsProduct : Fedora 22
Version: 4.0.5
Release: 1.fc22
Summary: Mustache extension for Node.js

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.