SHA256
1
0
forked from pool/nodejs22

add bugzilla references

This commit is contained in:
Adam Majer 2024-10-28 15:27:58 +01:00
parent c048babd99
commit c64ea3b7fe

View File

@ -58,11 +58,11 @@ Mon Oct 28 11:43:07 UTC 2024 - Adam Majer <adam.majer@suse.de>
* worker: add postMessageToThread * worker: add postMessageToThread
- Changes since 22.4.1: - Changes since 22.4.1:
* CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High) * (CVE-2024-36138, bsc#1227560) - Bypass incomplete fix of CVE-2024-27980 (High)
* CVE-2024-22020 - Bypass network import restriction via data URL (Medium) * (CVE-2024-22020, bsc#1227554) - Bypass network import restriction via data URL (Medium)
* CVE-2024-22018 - fs.lstat bypasses permission model (Low) * (CVE-2024-22018, bsc#1227562) - fs.lstat bypasses permission model (Low)
* CVE-2024-36137 - fs.fchown/fchmod bypasses permission model (Low) * (CVE-2024-36137, bsc#1227561) - fs.fchown/fchmod bypasses permission model (Low)
* CVE-2024-37372 - Permission model improperly processes UNC paths (Low) * (CVE-2024-37372, bsc#1227563) - Permission model improperly processes UNC paths (Low)
- Changes since 22.4.0: - Changes since 22.4.0:
* deps,lib,src: add experimental web storage * deps,lib,src: add experimental web storage