rpms/nodejs20
7
0
Fork 0
Code Issues Pull Requests Releases Activity
750 Commits 1 Branch 1 Tag 1 MiB
8f462ce5d3
Go to file
Stephen Gallagher 8f462ce5d3 Update to 20.8.1 
This is a security release.

The following CVEs are fixed in this release:

* [CVE-2023-44487](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487): `nghttp2` Security Release (High)
* [CVE-2023-45143](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45143): `undici` Security Release (High)
* [CVE-2023-39332](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39332): Path traversal through path stored in Uint8Array (High)
* [CVE-2023-39331](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39331): Permission model improperly protects against path traversal (High)
* [CVE-2023-38552](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38552):  Integrity checks according to policies can be circumvented (Medium)
* [CVE-2023-39333](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39333): Code injection via WebAssembly export names (Low)

More detailed information on each of the vulnerabilities can be found in [October 2023 Security Releases](https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/) blog post.

Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-10-16 11:59:52 -04:00
packaging Fix variable substitution 2023-09-07 16:29:05 -04:00
.gitignore Update to Node.js 16.15.0 2022-04-27 19:13:00 -04:00
0001-Remove-unused-OpenSSL-config.patch Update to 20.6.1 2023-09-15 10:12:29 -04:00
btest402.js Add proper i18n support 2019-11-06 13:10:19 -05:00
changelog Switch to %autochangelog 2022-06-27 17:02:42 -04:00
macros.nodejs add no-op macro to provide spec compatibility with EPEL 2013-04-14 18:21:43 -07:00
nodejs20.spec Update to 20.8.1 2023-10-16 11:59:52 -04:00
nodejs-sources.sh sources: Check for node binary 2023-07-12 12:50:47 -04:00
nodejs.pc.in Add pkg-config files 2023-03-29 18:09:21 -04:00
npmrc Set npmrc to use python3 explicitly 2020-03-16 08:12:49 -04:00
npmrc.builtin.in Replace /usr/etc/npmrc symlink with builtin configuration 2023-04-27 13:23:13 +02:00
README-packaging.md Add version note to packaging readme 2023-08-28 18:43:55 -04:00
sources Update to 20.8.1 2023-10-16 11:59:52 -04:00
test2.js Additional i18n test 2022-03-17 12:20:29 -04:00
v8.pc.in Add pkg-config files 2023-03-29 18:09:21 -04:00