Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Fedora 23: FEDORA-2015-a7cbc13699 Important Nodejs-Handlebars Security Flaw

fedora
Calendar Grey December 28, 2015
Dist Fedora Esm H88
Security patch for nodejs-handlebars in Fedora to mitigate content injection risks stemming from template usage of quoteless attributes.
Security fix for nodejs-handlebars: mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection

Summary

Handlebars.js is an extension to the Mustache templating language created by

Chris Wanstrath. Handlebars.js and Mustache are both logicless templating

languages that keep the view and the code separated like we all know they should

be.

Update Information:

Security fix for nodejs-handlebars: mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection

Change Log

References


[ 1 ] Bug #1291742 - mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection https://bugzilla.redhat.com/show_bug.cgi?id=1291742

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update nodejs-handlebars' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: nodejs-handlebarsProduct : Fedora 23
Version: 4.0.5
Release: 1.fc23
Summary: Mustache extension for Node.js

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here