From c64ea3b7fe0ff37cb435d11b2f7d834106b7ae2009ca1c6b0a1ca33470ad8456 Mon Sep 17 00:00:00 2001 From: Adam Majer Date: Mon, 28 Oct 2024 15:27:58 +0100 Subject: [PATCH] add bugzilla references --- nodejs22.changes | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/nodejs22.changes b/nodejs22.changes index baefb0f..f04374e 100644 --- a/nodejs22.changes +++ b/nodejs22.changes @@ -58,11 +58,11 @@ Mon Oct 28 11:43:07 UTC 2024 - Adam Majer * worker: add postMessageToThread - Changes since 22.4.1: - * CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High) - * CVE-2024-22020 - Bypass network import restriction via data URL (Medium) - * CVE-2024-22018 - fs.lstat bypasses permission model (Low) - * CVE-2024-36137 - fs.fchown/fchmod bypasses permission model (Low) - * CVE-2024-37372 - Permission model improperly processes UNC paths (Low) + * (CVE-2024-36138, bsc#1227560) - Bypass incomplete fix of CVE-2024-27980 (High) + * (CVE-2024-22020, bsc#1227554) - Bypass network import restriction via data URL (Medium) + * (CVE-2024-22018, bsc#1227562) - fs.lstat bypasses permission model (Low) + * (CVE-2024-36137, bsc#1227561) - fs.fchown/fchmod bypasses permission model (Low) + * (CVE-2024-37372, bsc#1227563) - Permission model improperly processes UNC paths (Low) - Changes since 22.4.0: * deps,lib,src: add experimental web storage