projects / feed / packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7aa7364) | patch
node: April 3, 2024 Security Releases
authorHirokazu MORIKAWA <morikw2@gmail.com>
Sun, 7 Apr 2024 02:34:45 +0000 (11:34 +0900)
committerTianling Shen <cnsztl@gmail.com>
Sun, 7 Apr 2024 10:01:08 +0000 (18:01 +0800)
commitca3209a3b35cd80de39f9f4f2a263211191807cb
treee32358379e42a17023444f6eab229b8a6158ed5etree | snapshot
parent7aa736482df598dead33f100e01d2b887f9c7637commit | diff
node: April 3, 2024 Security Releases

This is a security release
Notable Changes
* CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
* CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
* llhttp version 9.2.1
* undici version 5.28.4

Changed to use gz according to main-snapshot

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
lang/node/Makefile diff | blob | history
lang/node/patches/003-path.patch diff | blob | history
lang/node/patches/202-node_gyp.patch diff | blob | history
lang/node/patches/204-v8_gyp.patch diff | blob | history
lang/node/patches/999-localhost-no-addrconfig.patch diff | blob | history
lang/node/patches/999-revert_enable_pointer_authentication_on_arm64.patch diff | blob | history
Mirror of packages feed