nodejs18

adamm/nodejs18

Fork 0

forked from pool/nodejs18

Commit Graph

Author	SHA1	Message	Date
Adam Majer	b6349c1613	- Update to NodeJS 18.14.2 LTS: * deps: upgrade npm to 9.5.0 * deps: update undici to 5.20.0 - Changes in version 18.14.1: * fixes permissions policies can be bypassed via process.mainModule (bsc#1208481, CVE-2023-23918) * fixes insecure loading of ICU data through ICU_DATA environment variable (bsc#1208487, CVE-2023-23920) * fixes OpenSSL error handling issues in nodejs crypto library (bsc#1208483, CVE-2023-23919) * updates undici to v5.19.1 + Fetch API in Node.js did not protect against CRLF injection in host headers + Regular Expression Denial of Service in Headers in Node.js fetch API (bsc#1208413, bsc#1208485, CVE-2023-24807, CVE-2023-23936) - Update to NodeJS 18.14.0 LTS: * deps: + update npm to 9.2.0 * http: + join authorization headers + improved timeout defaults handling * stream: + implement finished() for ReadableStream and WritableStream - refreshed patches: linker_lto_jobs.patch, npm_search_paths.patch, versioned.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=47	2023-02-22 14:23:30 +00:00
Adam Majer	38fc9b6db2	- Initial packaging of Nodejs 18.2.0. For detailed changes since previous versions, see https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V18.md#18.2.0 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=1	2022-05-19 15:11:22 +00:00

Author

SHA1

Message

Date

Adam Majer

b6349c1613

- Update to NodeJS 18.14.2 LTS:

* deps: upgrade npm to 9.5.0
  * deps: update undici to 5.20.0
- Changes in version 18.14.1:
  * fixes permissions policies can be bypassed via process.mainModule
    (bsc#1208481, CVE-2023-23918)
  * fixes insecure loading of ICU data through ICU_DATA environment
    variable (bsc#1208487, CVE-2023-23920)
  * fixes OpenSSL error handling issues in nodejs crypto library
    (bsc#1208483, CVE-2023-23919)
  * updates undici to v5.19.1
    + Fetch API in Node.js did not protect against CRLF injection in host headers
    + Regular Expression Denial of Service in Headers in Node.js fetch API
    (bsc#1208413, bsc#1208485, CVE-2023-24807, CVE-2023-23936)

- Update to NodeJS 18.14.0 LTS:
  * deps:
    + update npm to 9.2.0
  * http:
    + join authorization headers
    + improved timeout defaults handling
  * stream:
    + implement finished() for ReadableStream and WritableStream
- refreshed patches: linker_lto_jobs.patch, npm_search_paths.patch,
  versioned.patch

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=47

2023-02-22 14:23:30 +00:00

Adam Majer

38fc9b6db2

- Initial packaging of Nodejs 18.2.0. For detailed changes

since previous versions, see
  https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V18.md#18.2.0

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=1

2022-05-19 15:11:22 +00:00

2 Commits