[Deepin Integration]~[v25-Release] fix(node-anymatch): CVE-2026-33671, CVE-2026-33672 by deepin-ci-robot@deepin-community/node-anymatch by deepin-community-ci-bot[bot]

### Package information | 软件包信息

包名 | 版本
--  | --
node-anymatch | [3.1.3+~cs4.6.1-2deepin1](https://github.com/deepin-community/node-anymatch/commit/fc8a1b3c3e9db0ee5b87765b3029c2d051315d7b)

### Package repository address | 软件包仓库地址

    deb [trusted=yes] https://ci.deepin.com/repo/obs/deepin:/CI:/TestingIntegration:/test-integration-pr-3964/testing/ ./

### Changelog | 更新信息

#### node-anymatch (3.1.3+~cs4.6.1-2deepin1) unstable; urgency=medium

  * Security fixes for bundled picomatch (CVE-2026-33671, CVE-2026-
    33672)  CVE-2026-33671: Fix ReDoS vulnerability in extglob patterns.
    Adds maxExtglobRecursion option to limit nested quantified extglobs.
    CVE-2026-33672: Fix method injection in POSIX character classes.
    Adds __proto__: null to POSIX_REGEX_SOURCE.  Upstream:
    https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2




Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Deepin Integration]~[v25-Release] fix(node-anymatch): CVE-2026-33671, CVE-2026-33672 by deepin-ci-robot@deepin-community/node-anymatch by deepin-community-ci-bot[bot] #13202

Package information | 软件包信息

Package repository address | 软件包仓库地址

Changelog | 更新信息

node-anymatch (3.1.3+~cs4.6.1-2deepin1) unstable; urgency=medium

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Deepin Integration]~[v25-Release] fix(node-anymatch): CVE-2026-33671, CVE-2026-33672 by deepin-ci-robot@deepin-community/node-anymatch by deepin-community-ci-bot[bot] #13202

Description

Package information | 软件包信息

Package repository address | 软件包仓库地址

Changelog | 更新信息

node-anymatch (3.1.3+~cs4.6.1-2deepin1) unstable; urgency=medium

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions