nodejs/nodejs14
SHA256
8
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0091714e09ca4eaa4e661ddbbb4ffb6414713fb5f10409b2eb1c4ff0d400344e
nodejs14/nodejs-libpath.patch
Adam Majer e682f4f498 - update to 14.19.0: 
* crypto: make FIPS related options always available
  * deps: deps: upgrade npm to 6.14.16
    + CVE-2021-23343 - ReDoS via splitDeviceRe, splitTailRe and
      splitPathRe (bsc#1192153)
    + CVE-2021-23343 - node-tar: Insufficient symlink protection
      allowing arbitrary file creation and overwrite (bsc#1191963)
    + CVE-2021-32804 - node-tar: Insufficient absolute path sanitization
      allowing arbitrary file creation and overwrite (bsc#1191962)
    + CVE-2021-3918 - json-schema is vulnerable to Improperly
      Controlled Modification of Object Prototype Attributes (bsc#1192696)
  * module: support pattern trailers
  * src: make napi_create_reference accept symbol
- CVE-2021-3807.patch: node-ansi-regex: Regular expression
  denial of service (ReDoS) matching ANSI escape codes
  (bsc#1192154, CVE-2021-3807)
- versioned.patch, nodejs-libpath.patch: refreshed

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs14?expand=0&rev=89
2022-02-16 16:28:10 +00:00

2.4 KiB
Raw Blame History

View Raw
Reference in New Issue View Git Blame Copy Permalink