projects / feed / packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: dfdc5c6) | patch
node: bump to v14.20.1
authorHirokazu MORIKAWA <morikw2@gmail.com>
Fri, 7 Oct 2022 07:18:29 +0000 (16:18 +0900)
committerJosef Schlehofer <pepe.schlehofer@gmail.com>
Sat, 8 Oct 2022 04:16:28 +0000 (06:16 +0200)
commit82629531b73b21b63d0d820419c419019ef96830
treec62a83e6c7f72dc03cb3f48d31b2bc584434c884tree | snapshot
parentdfdc5c6fc94ecffb1abda62097af5e257a26e022commit | diff
node: bump to v14.20.1

The following CVEs are fixed in this release:
* CVE-2022-32212: DNS rebinding in --inspect on macOS (High)
* CVE-2022-32213: bypass via obs-fold mechanic (Medium)
* CVE-2022-35256: HTTP Request Smuggling Due to Incorrect Parsing of Header Fields (Medium)
More detailed information on each of the vulnerabilities can be found in September 22nd 2022 Security Releases blog post.

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
lang/node/Makefile diff | blob | history
Mirror of packages feed