Comment # 3 on bug 1226971 from Camila Camargo de Matos 
(In reply to Hillwood Yang from comment #2)
> This issue does not seem to belong to nodejs-underscore.

My apologies, comment #2 was previously set as private. It seems like
openSUSE:Factory/nodejs-underscore has a vulnerable version of socket.io as a
dependency.

You are receiving this mail because: