nodejs/nodejs8
SHA256
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
nodejs8/npm-v6.14.16.tar.gz
Adam Majer 17a6d023c1 - npm-v6.14.16.tar.gz: update to npm 6.14.16 fixing 
* CVE-2021-23343 - ReDoS via splitDeviceRe, splitTailRe and
    splitPathRe (bsc#1192153)
  * CVE-2021-23343 - node-tar: Insufficient symlink protection
    allowing arbitrary file creation and overwrite (bsc#1191963)
  * CVE-2021-32804 - node-tar: Insufficient absolute path sanitization
    allowing arbitrary file creation and overwrite (bsc#1191962)
  * CVE-2021-3918 - json-schema is vulnerable to Improperly
    Controlled Modification of Object Prototype Attributes (bsc#1192696)
- CVE-2021-3807.patch: node-ansi-regex: Regular expression
  denial of service (ReDoS) matching ANSI escape codes
  (bsc#1192154, CVE-2021-3807)
- test_ssl_cert_fixups.patch: fixup SSL certificates in unit tests

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs8?expand=0&rev=180
2022-02-16 10:39:49 +00:00

4 lines
132 B
Plaintext
Raw Permalink Blame History

version https://git-lfs.github.com/spec/v1
oid sha256:666ae387b982ccd9878bd1449a029e004b063596c410d2b35c4097e1ae2a23f1
size 5968743
Reference in New Issue View Git Blame Copy Permalink