[automatic] Publish 9 advisories for 8 packages #201
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This action searched
recent NVD/EUVD changes/publications, checking 2146 (+2) advisories from NVD and 355 (+1831) from EUVD for advisories that pertain here. It identified 9 advisories as being related to the Julia package(s): Git_jll, LibVPX_jll, ImageMagick_jll, Poppler_jll, libwebp_jll, LibArchive_jll, nghttp2_jll, and libnode_jll.1 advisories apply to all registered versions of a package
These advisories had no obvious failures but computed a range without bounds.
["*"]. Its latest version (1.15.2+0) has components: {libvpx = "*"}webmproject:libvpxat< 1.13.1includes all versions1 advisories apply to the latest version of a package and do not have a patch
["< 1.58.0+0"]. Its latest version (1.67.1+0) has components: {nghttp2 = "1.67.1", nghttp2-libs = "*"}[">= 18.12.1+0"]. Its latest version (18.12.1+0) has components: {node-v = "18.12.1", nodejs = "18.12.1"}nodejs:node.jsat>= 18.0.0, < 18.18.2mapped to[>= 18.12.1+0], includes the latest version`7 advisories found concrete vulnerable ranges
["< 6.9.11+0"]. Its latest version (7.1.2005+0) has components: {imagemagick = "7.1.2-3"}["< 6.9.11+0"]. Its latest version (7.1.2005+0) has components: {imagemagick = "7.1.2-3"}["< 6.9.11+0"]. Its latest version (7.1.2005+0) has components: {imagemagick = "7.1.2-3"}["< 23.12.0+0"]. Its latest version (24.6.0+0) has components: {poppler = "24.06.0", poppler-ink = "24.06.0"}["< 1.3.2+0"]. Its latest version (1.6.0+0) has components: {libwebp = "1.6.0"}["< 2.50.1+0"]. Its latest version (2.51.1+0) has components: {git-for-windows = "2.51.0.windows.1", git = "2.51.0"}["< 3.8.0+0"]. Its latest version (3.8.2+0) has components: {libarchive = "3.8.2"}