diff --git a/nodejs22.changes b/nodejs22.changes index baefb0f..f04374e 100644 --- a/nodejs22.changes +++ b/nodejs22.changes @@ -58,11 +58,11 @@ Mon Oct 28 11:43:07 UTC 2024 - Adam Majer * worker: add postMessageToThread - Changes since 22.4.1: - * CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High) - * CVE-2024-22020 - Bypass network import restriction via data URL (Medium) - * CVE-2024-22018 - fs.lstat bypasses permission model (Low) - * CVE-2024-36137 - fs.fchown/fchmod bypasses permission model (Low) - * CVE-2024-37372 - Permission model improperly processes UNC paths (Low) + * (CVE-2024-36138, bsc#1227560) - Bypass incomplete fix of CVE-2024-27980 (High) + * (CVE-2024-22020, bsc#1227554) - Bypass network import restriction via data URL (Medium) + * (CVE-2024-22018, bsc#1227562) - fs.lstat bypasses permission model (Low) + * (CVE-2024-36137, bsc#1227561) - fs.fchown/fchmod bypasses permission model (Low) + * (CVE-2024-37372, bsc#1227563) - Permission model improperly processes UNC paths (Low) - Changes since 22.4.0: * deps,lib,src: add experimental web storage