nodejs8

nodejs/nodejs8

SHA256

Fork 0

Commit Graph

Author	SHA256	Message	Date
Adam Majer	17a6d023c1	- npm-v6.14.16.tar.gz: update to npm 6.14.16 fixing * CVE-2021-23343 - ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153) * CVE-2021-23343 - node-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite (bsc#1191963) * CVE-2021-32804 - node-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite (bsc#1191962) * CVE-2021-3918 - json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (bsc#1192696) - CVE-2021-3807.patch: node-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (bsc#1192154, CVE-2021-3807) - test_ssl_cert_fixups.patch: fixup SSL certificates in unit tests OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs8?expand=0&rev=180	2022-02-16 10:39:49 +00:00

Author

SHA256

Message

Date

Adam Majer

17a6d023c1

- npm-v6.14.16.tar.gz: update to npm 6.14.16 fixing

* CVE-2021-23343 - ReDoS via splitDeviceRe, splitTailRe and
    splitPathRe (bsc#1192153)
  * CVE-2021-23343 - node-tar: Insufficient symlink protection
    allowing arbitrary file creation and overwrite (bsc#1191963)
  * CVE-2021-32804 - node-tar: Insufficient absolute path sanitization
    allowing arbitrary file creation and overwrite (bsc#1191962)
  * CVE-2021-3918 - json-schema is vulnerable to Improperly
    Controlled Modification of Object Prototype Attributes (bsc#1192696)
- CVE-2021-3807.patch: node-ansi-regex: Regular expression
  denial of service (ReDoS) matching ANSI escape codes
  (bsc#1192154, CVE-2021-3807)
- test_ssl_cert_fixups.patch: fixup SSL certificates in unit tests

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs8?expand=0&rev=180

2022-02-16 10:39:49 +00:00

1 Commits