-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 13 Apr 2025 13:42:02 +0200
Source: twitter-bootstrap4
Architecture: source
Version: 4.6.1+dfsg1-4+deb12u1
Distribution: bookworm
Urgency: high
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Closes: 1084059
Changes:
 twitter-bootstrap4 (4.6.1+dfsg1-4+deb12u1) bookworm; urgency=high
 .
   * Team upload
   * Fix CVE-2024-6531 (XSS vulnerability):
     An anchor element (<a>), when used for carousel navigation
     with a data-slide attribute, can contain an href attribute
     value that is not subject to proper content sanitization.
     Improper extraction of the intended target carousel’s
     #id from the href attribute can lead to use cases where
     the click event’s preventDefault()
     is not applied and the href is evaluated and executed.
     As a result, restrictions are not applied to the data
     that is evaluated, which can lead to potential
     XSS vulnerabilities.
     (Closes: #1084059)
Checksums-Sha1:
 f43b2ce6d4a5de6433ea3a35269fe7ab6eeb68fa 2380 twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1.dsc
 e98a1a8175e6450e984d87a197e3afc1aa8716f2 2329588 twitter-bootstrap4_4.6.1+dfsg1.orig.tar.xz
 f12c73346cde14a18c778d5835f181e74b92cefd 19672 twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1.debian.tar.xz
 064cc57c991ce4d062d4e495d2520a29ecb8fc1c 17329 twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1_amd64.buildinfo
Checksums-Sha256:
 725b0f3ac95a87e69b3fe3d4c043ace8f6d0014987e227aaabbf7ddba3e74a43 2380 twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1.dsc
 a2fdd5c181d592deb7ea7b1676188978cc60ebf182d1e6c4d6c712e0c6eb8a54 2329588 twitter-bootstrap4_4.6.1+dfsg1.orig.tar.xz
 4453c6055268a3e94c836dce62c02561b0eb032ef8d11351a44ed1d34aba82ae 19672 twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1.debian.tar.xz
 011310609c1f578f47171eb00e4728e4564ecded3da1431b5cecdfe64cbbde33 17329 twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1_amd64.buildinfo
Files:
 9e60f3f9f7f9f2d982f32ff0440aeaf0 2380 javascript optional twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1.dsc
 d0b7793db9e3976ce87f34dda946affa 2329588 javascript optional twitter-bootstrap4_4.6.1+dfsg1.orig.tar.xz
 cf73c18fed085535fc30958db2c3cbb6 19672 javascript optional twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1.debian.tar.xz
 f7bb803f3f5e21a1bd13fbbb0bff0219 17329 javascript optional twitter-bootstrap4_4.6.1+dfsg1-4+deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmgfd9IACgkQADoaLapB
CF++1BAAqheasCgQUd4+RwYCLmn88lT9mCl3SrYiyINczxFmuGbFxmx2yO36Sw4S
hEWPlQMcC0Gxpk5vwGN+0AnPSr3lufUOG8Q2BzRoA6gJ/3nwnSDbT7Lt72+OPYJn
RmpIG6tGsVhjM4SwwW6BSpaCQ+QH8c87bktUC8PTytaLxotGSwDEXwafc8XwrWZK
yLw6FQWawRcOlhoIvHtIvTZ8dP7nC5NP4RxAbNRT9qqP4/PtCfqC3WZh/q/ApzJ5
VyqLrqh3wCu5N9QN7WiryjRyJzqptRDE6TFzVyPheeoP6xf5YWo3vJ5esqEnqspN
Ta1WiWA9OR06kQtV4Ad53oJJmQIENQkZ+alKBFITtEcwU1mhE9uo4l3dQxSQBRNQ
YTX/L4IFzEOkuguP0vrrH3s/NrEhIYndMly/OySe08QA3AiGZbVSgll2CrQ181Md
tcLwGmaYRDjK6EoB/Vo12h2Y1Y2+NX97/XTwPJGvw9Es1wAxuVM3PgEM0K4zRYp1
wZ7ymbpTfGgIOee+5s9WjVni55+k8qUvFQggZIfLPWcN5qVsMVADhrFedzwJskCq
oRwYVdYXUC5Hd509uwIHDVWO1gP2FNJb0mIzzM3RtD+q9q7dV0Mh27gYn/3fUn4b
xs/fY5lqcaBabZ2U6Hl5nR8vASi7dEQRI4I1O5n+UIabeHzXTks=
=zLSJ
-----END PGP SIGNATURE-----