From 81cd7959f38e05db07846cc5ba8dcd06146a46e7 Mon Sep 17 00:00:00 2001 From: Hirokazu MORIKAWA Date: Sat, 9 Jul 2022 08:26:01 +0900 Subject: [PATCH] node: July 7th 2022 Security Releases Update to v16.16.0 Release for the following issues: HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)(CVE-2022-32213) HTTP Request Smuggling - Improper Delimiting of Header Fields (Medium)(CVE-2022-32214) HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)(CVE-2022-32215) DNS rebinding in --inspect via invalid IP addresses (High)(CVE-2022-32212) https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/ No vulnerabilities related with openssl (uses system openssl) Signed-off-by: Hirokazu MORIKAWA (cherry picked from commit 8db0d09823764d50b38ff27a9b13cac7fa46bdd2) --- lang/node/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lang/node/Makefile b/lang/node/Makefile index 12e8afde4a..811e07269a 100644 --- a/lang/node/Makefile +++ b/lang/node/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=node -PKG_VERSION:=v16.15.1 +PKG_VERSION:=v16.16.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://nodejs.org/dist/$(PKG_VERSION) -PKG_HASH:=d4e99d3c1f69711109a67525571058e6009cddbc228e7d723b8fb4a454169b7d +PKG_HASH:=145151eff3b2aa5ebe73384009c52271a83740ae687a93c98c628cd7d52736eb PKG_MAINTAINER:=Hirokazu MORIKAWA , Adrian Panella PKG_LICENSE:=MIT -- 2.30.2