https://bugzilla.suse.com/show_bug.cgi?id=1224385 https://bugzilla.suse.com/show_bug.cgi?id=1224385#c2 Scott Bradnick <scott.bradnick@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |IN_PROGRESS --- Comment #2 from Scott Bradnick <scott.bradnick@suse.com> --- (In reply to Gabriele Sonnu from comment #1)

Vulnerable versions of the micromatch package are embedded in:

- openSUSE:Factory/xpra-html5 micromatch (4.0.5)

Upstream issue:

https://github.com/micromatch/micromatch/issues/243

Talking with xpra-html5 upstream maintainer about this one too in: https://github.com/Xpra-org/xpra-html5/issues/306 -- You are receiving this mail because: You are on the CC list for the bug.