{"id":"MGASA-2015-0454","summary":"Updated uglify-js packages fix security vulnerability","details":"The UglifyJS node module has a problem where the combination of\nDe Morgan's Law and non-boolean values can lead to a case where code is\nincorrectly minified, which can lead to possibly malicious minified JS\ncode.\n","modified":"2026-04-16T04:27:57.065877Z","published":"2015-11-19T22:08:19Z","references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0454.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=16643"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2015/08/24/5"}],"affected":[{"package":{"name":"uglify-js","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/uglify-js?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.24-3.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-align-text","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-align-text?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.1.3-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-ansi-regex","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-ansi-regex?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-camelcase","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-camelcase?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.1-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-center-align","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-center-align?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.1.1-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-cliui","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-cliui?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.3-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-code-point-at","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-code-point-at?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-decamelize","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-decamelize?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-invert-kv","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-invert-kv?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-is-buffer","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-is-buffer?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-is-fullwidth-code-point","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-is-fullwidth-code-point?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-kind-of","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-kind-of?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.1-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-lcid","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-lcid?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-longest","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-longest?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.1-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-minimist","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-minimist?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-number-is-nan","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-number-is-nan?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-os-locale","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-os-locale?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-repeat-string","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-repeat-string?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.5.2-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-right-align","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-right-align?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.1.3-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-source-map","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-source-map?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.5.1-1.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-string-width","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-string-width?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.1-6.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-strip-ansi","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-strip-ansi?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-window-size","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-window-size?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.1.2-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-wrap-ansi","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-wrap-ansi?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-y18n","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-y18n?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.2.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}},{"package":{"name":"nodejs-yargs","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nodejs-yargs?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.28.0-2.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0454.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}