View Issue Details

IDProjectCategoryView StatusLast Update
0006847Kali Linux[All Projects] Tool Upgradepublic2020-11-19 17:10
Reportertjnull Assigned Tosbrun  
PriorityimmediateSeveritymajorReproducibilityalways
Status assignedResolutionopen 
Product Version2020.4 
Target VersionFixed in Version 
Summary0006847: Joplin Package on Kali is not using the latest version.
DescriptionThe current package of Joplin needs to be updated as it contains a cross site scripting bug and it is missing a variety of fixes/features to improve the tool.

https://www.exploit-db.com/exploits/49024

Latest Version: https://github.com/laurent22/joplin/releases (1.4.10)


Activities

tjnull

2020-11-18 17:58

reporter  

image.png (91,408 bytes)
image.png (91,408 bytes)
image-2.png (33,467 bytes)
image-2.png (33,467 bytes)

rhertzog

2020-11-19 08:17

administrator   ~0013690

Our issue currently is that the build system relies on yarn and yarnpkg is currently broken:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972952

And it can't be fixed because it's no longer buildable in Debian either:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960120

As Kali packagers, we really don't like this node ecosystem which is really brittle and next to impossible to package in a clean way and requires lots of efforts to keep it working...

i'm wondering if we should not replace the Kali package with a kaboxer container instead.

Issue History

Date Modified Username Field Change
2020-11-18 17:58 tjnull New Issue
2020-11-18 17:58 tjnull Status new => assigned
2020-11-18 17:58 tjnull Assigned To => sbrun
2020-11-18 17:58 tjnull File Added: image.png
2020-11-18 17:58 tjnull File Added: image-2.png
2020-11-19 08:17 rhertzog Note Added: 0013690