XPost: linux.debian.devel.release
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:angular.js
User: [email protected]
Usertags: pu
[ Reason ]
Fix all CVEs except CVE-2022-25869, which needs iexplore and is no-dsa
[ Impact ]
CVEs are still open
[ Tests ]
autopkgtests were added for ReDoS. Manual test for XSS. Regression test suite.
[ Risks ]
Low
[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable
[ Changes ]
+
+ * Team upload
+ * Move to js team umbrella
+ * Fix CVE-2022-25844 (Closes: #1014779)
+ A Regular Expression Denial of Service vulnerability (ReDoS)
+ was found by providing a custom locale rule that makes
+ it possible to assign the parameter in posPre: ' '.repeat()
+ of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value
+ * Fix CVE-2023-26116 (Closes: #1036694)
+ A Regular Expression Denial of Service (ReDoS) was found
+ via the angular.copy() utility function due to the usage
+ of an insecure regular expression.
+ * Fix CVE-2023-26116 (Closes: #1036694)
+ A Regular Expression Denial of Service (ReDoS) was found
+ via the angular.copy() utility function due to the usage
+ of an insecure regular expression.
+ * Fix CVE-2023-26117:
+ A Regular Expression Denial of Service (ReDoS) was found
+ via the $resource service due to the usage of an insecure
+ regular expression.
+ * Fix CVE-2023-26118:
+ A Regular Expression Denial of Service (ReDoS) was found
+ via the <input type="url"> element due to the usage of an
+ insecure regular expression in the input[url] functionality.
+ Exploiting this vulnerability is possible by a large
+ carefully-crafted input, which can result in catastrophic
+ backtracking.
+ * Fix CVE-2024-8372: (Closes: #1088804)
+ Improper sanitization of the value of the 'srcset'
+ attribute in AngularJS allows attackers to bypass
+ common image source restrictions, which can also
+ lead to a form of Content Spoofing
+ * Fix CVE-2024-8373: (Closes: #1088805)
+ Improper sanitization of the value of the [srcset]
+ attribute in <source> HTML elements in AngularJS allows
+ attackers to bypass common image source restrictions,
+ which can also lead to a form of Content Spoofing
+ * Fix CVE-2024-21490:
+ A regular expression used to split
+ the value of the ng-srcset directive is vulnerable to
+ super-linear runtime due to backtracking. With large
+ carefully-crafted input, this can result in catastrophic
+ backtracking and cause a denial of service.
+ * Fix CVE-2025-0716: (Closes: #1104485)
+ Improper sanitization of the value of the 'href'
+ and 'xlink:href' attributes in '<image>' SVG elements
+ in AngularJS allows attackers to bypass common image
+ source restrictions. This can lead to a form of
+ Content Spoofing .
+ * Fix CVE-2025-2336:
+ An improper sanitization vulnerability has been identified
+ in ngSanitize module, which allows attackers to bypass
+ common image source restrictions normally
+ applied to image elements. This bypass can further lead to a form of
+ Content Spoofing. Similarly, the application's performance and behavior
+ could be negatively affected by using too large or slow-to-load images.
+
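Review bot: the "Fix CVE-2023-26116 (Closes: #1036694)" entry appears twice in a row in this listing, while the attached debian/changelog hunk carries it only once. Drop the repeated copy so the summary in the request matches the debdiff that is being reviewed.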
[ Other info ]
Review by kapouer and kanishiro and LTS team
Content-Disposition: attachment; filename="angular.debdiff"
Content-Transfer-Encoding: quoted-printable
Content-Type: text/x-patch; charset="UTF-8"; name="angular.debdiff"
diff -Nru angular.js-1.8.3/debian/changelog angular.js-1.8.3/debian/changelog --- angular.js-1.8.3/debian/changelog 2023-02-12 07:45:48.000000000 +0100
+++ angular.js-1.8.3/debian/changelog 2025-05-11 23:40:38.000000000 +0200
@@ -1,3 +1,60 @@
+angular.js (1.8.3-1+deb12u1) bookworm; urgency=medium
+
+ * Team upload
+ * Move to js team umbrella
+ * Fix CVE-2022-25844 (Closes: #1014779)
+ A Regular Expression Denial of Service vulnerability (ReDoS)
+ was found by providing a custom locale rule that makes
+ it possible to assign the parameter in posPre: ' '.repeat()
+ of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value
+ * Fix CVE-2023-26116 (Closes: #1036694)
+ A Regular Expression Denial of Service (ReDoS) was found
+ via the angular.copy() utility function due to the usage
+ of an insecure regular expression.
+ * Fix CVE-2023-26117:
+ A Regular Expression Denial of Service (ReDoS) was found
+ via the $resource service due to the usage of an insecure
+ regular expression.
+ * Fix CVE-2023-26118:
+ A Regular Expression De
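Review bot: the second bullet of the new 1.8.3-1+deb12u1 entry, "Move to js team umbrella", is a maintainer-metadata change riding along with the security fixes. For a bookworm point update, either drop it or justify it in the request, so that the upload carries only the CVE fixes. The CVE bullets describe each vulnerability but do not name the file under debian/patches that fixes it; adding the patch name to each bullet would let a reviewer map every CVE to its change. The CVE-2023-26117 and CVE-2023-26118 bullets also carry no "(Closes: #...)" reference, unlike their neighbours; add the bug numbers if reports exist for them.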