Updated dojo packages has been released for Debian GNU/Linux 8 LTS
Package : dojo
Version : 1.10.2+dfsg-1+deb8u1
CVE ID : CVE-2018-15494
Debian Bug : #906540
It was discovered that there was a string injection vulnerability in
the "dojo" Javascript library.
For Debian 8 "Jessie", this issue has been fixed in dojo version
1.10.2+dfsg-1+deb8u1 by Abhijith PA.
We recommend that you upgrade your dojo packages.