node-sha.js (2.4.9-1ubuntu0.1~esm1) bionic-security; urgency=medium

  * SECURITY UPDATE: improper input validation
    - debian/patches/CVE-2025-9288-1.patch: Validate input types in hash.js.
    - debian/patches/CVE-2025-9288-2.patch: Embed to-buffer.js and its
      dependencies in node_modules.
    - debian/patches/CVE-2025-9288-3.patch: Remove some unneeded
      dependencies from node_modules/get-intrinsic/index.js and
      node_modules/typed-array-buffer/index.js.
    - debian/control: Add node-isarray and node-function-bind to Depends and
      Build-Depends.
    - debian/copyright: Add copyright details for embedded Node modules.
    - debian/install: Install embedded Node modules.
    - CVE-2025-9288

 -- Edwin Jiang <edwin.jiang@canonical.com>  Tue, 23 Sep 2025 15:06:52 +0000

node-sha.js (2.4.9-1) unstable; urgency=medium

  * New upstream version
  * Move to section javascript

 -- Bastien Roucariès <rouca@debian.org>  Thu, 30 Nov 2017 11:46:34 +0100

node-sha.js (2.4.8-1) unstable; urgency=low

  * Initial release (Closes: #858830)

 -- Bastien Roucariès <rouca@debian.org>  Thu, 20 Apr 2017 22:03:54 +0200
