- Update to 21.6.2: (security updates)
* (CVE-2024-21892, bsc#1219992) - Code injection and privilege escalation through Linux capabilities- (High) * (CVE-2024-22019, bsc#1219993) - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High) * (CVE-2024-21896, bsc#1219994) - Path traversal by monkey-patching Buffer internals- (High) * (CVE-2024-22017, bsc#1219995) - setuid() does not drop all privileges due to io_uring - (High) * (CVE-2023-46809, bsc#1219997) - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium) * (CVE-2024-21891, bsc#1219998) - Multiple permission model bypasses due to improper path traversal sequence sanitization - (Medium) * (CVE-2024-21890, bsc#1219999) - Improper handling of wildcards in --allow-fs-read and --allow-fs-write (Medium) * (CVE-2024-22025, bsc#1220014) - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium) * undici version 5.28.3 (CVE-2024-24758, bsc#1220017) * libuv version 1.48.0 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs21?expand=0&rev=19
This commit is contained in:
Git OBS Bridge
parent
77c8365d40
commit
3dd84fa6f5
@ -1,41 +1,41 @@
|
|||||||
0dbffde04695933f508e964a103657d6ef55ddadf3d8e9c39e0191c6ee2b4ead node-v21.6.1-aix-ppc64.tar.gz
|
e06dff53a5e2a88caff9735c076165a6a53f4c45960a8887410684e1fea6c7cb node-v21.6.2-aix-ppc64.tar.gz
|
||||||
88f1d4e8982d0cc439137c9b95405622489d1573051a7a13d618ef0ef2896e76 node-v21.6.1-arm64.msi
|
c7fa8788001eaac4bb250a84f6b3a918ebaa8016111ece95d59b513cf4a394dc node-v21.6.2-arm64.msi
|
||||||
94c280bba809fa66867e363ec9e990217aedf893116660b8c75a1c4fda3baea5 node-v21.6.1-darwin-arm64.tar.gz
|
120c8205654c640865864dc464389b3ffe6d7ebe310dffdbe3fd8718a512e14f node-v21.6.2-darwin-arm64.tar.gz
|
||||||
a1edec87af235b55443cb87d38f523d86cefa3426b9b9fe52328430124ae48ed node-v21.6.1-darwin-arm64.tar.xz
|
f8aa996b4e7700069892bc9ff28ddef3b3b3c8c952b929d1b148c943995970e3 node-v21.6.2-darwin-arm64.tar.xz
|
||||||
5c4821c62a1f61cf3219bc244d30a5b1cdec197c8acabc1ee7cd9ff17bbba947 node-v21.6.1-darwin-x64.tar.gz
|
0f75d9b46b986100c6faeec040ee46adf4981eb6abb5dd63e7a6ca4868d280f4 node-v21.6.2-darwin-x64.tar.gz
|
||||||
35b0000723ab93ae3110fbdb2833947bc206da761d36da15ed2ef2f3b7f9b3b6 node-v21.6.1-darwin-x64.tar.xz
|
5944de39bc7b8af229b0024d583ced7c76cee194ee9068a07d67372a606c5105 node-v21.6.2-darwin-x64.tar.xz
|
||||||
d0bc7a37a7a16301565119c472cfa3c00a4122891bec792d83f2992e3eefb62e node-v21.6.1-headers.tar.gz
|
55d9a03dcfce682583eb5e7eec15f32ae95b28b6e805f31688b22a7bd71581b1 node-v21.6.2-headers.tar.gz
|
||||||
7b217de8af0d2c05fffd0fb8b5cb2136c93e312bccd5cf454f039196777e4762 node-v21.6.1-headers.tar.xz
|
976500ffa659108fa2eb30daae2f1b96a34a97b2caa1db30802ac56edc2b237a node-v21.6.2-headers.tar.xz
|
||||||
e19a4364cf27c9c0cdc1472faf4eece6313b590f1e9c55852d8ec3efa89fe097 node-v21.6.1-linux-arm64.tar.gz
|
b8431985c53cc14e02cddf4c128d043c62af19023f908ebcdc1c6a683ee995f3 node-v21.6.2-linux-arm64.tar.gz
|
||||||
19900c1a0a9d7e2ea781b46c7d498ffdf3e37e34f46b96e7344bd7bb8f27be66 node-v21.6.1-linux-arm64.tar.xz
|
2606765f95262bcebb323e56a39b3be8db89863fbd83e06d2b5a08e41dc78f29 node-v21.6.2-linux-arm64.tar.xz
|
||||||
b899fcb09400b255e6264dabca907e7a567debae98a4cce248fcdea2f2ebaf1c node-v21.6.1-linux-armv7l.tar.gz
|
d6127be538ae57447fd40bac6ea124ad71cfd5a50b9343b781830cc92bc1a0c2 node-v21.6.2-linux-armv7l.tar.gz
|
||||||
ee63708a84ad27268a62dc04f697016f762c6c8a4261d0e1680d45829f9fa06f node-v21.6.1-linux-armv7l.tar.xz
|
ae33085c3d635f9488f47c56ee90fdf0dc9c1d0a520cfbe281c5b08d69e64da0 node-v21.6.2-linux-armv7l.tar.xz
|
||||||
859654218d795ab60c213d29af492904d74fd0a7a1cebc3790b1cb61838fc5eb node-v21.6.1-linux-ppc64le.tar.gz
|
2e265d86f9d20ba223d65ceadc0589b156439a5521cd9da6e34de5460a0d2195 node-v21.6.2-linux-ppc64le.tar.gz
|
||||||
0f22931238d96d931e8ad788326f4db92860e83105c493ee9b29a4b378b18f18 node-v21.6.1-linux-ppc64le.tar.xz
|
b951f52db17b75a7bff0a2da2cefca3ba1e4dd7368b2b1280f39fcbecde0555c node-v21.6.2-linux-ppc64le.tar.xz
|
||||||
a4c885443eb92199253fe6efb48c2211ae09b003edf3af8220532a4a6fc77c86 node-v21.6.1-linux-s390x.tar.gz
|
7cba8c2b2338aaa05f5dec5d953d61cdf5219881a7c8d420f215e920a33c06fa node-v21.6.2-linux-s390x.tar.gz
|
||||||
efa9496c3c1e1691dfabea45e2839b592675a571880b9d25b35d3565e16f3d66 node-v21.6.1-linux-s390x.tar.xz
|
167bb0595478bae4c46b2248cae16890d24c2a9c92de7d0e27f9d1cafcad21ba node-v21.6.2-linux-s390x.tar.xz
|
||||||
d2ac105754e5fc657a6a25ea7d31f19dd63d3ec845dce0aef0232533d52bc125 node-v21.6.1-linux-x64.tar.gz
|
d4504dcbcd1a9ded42d86bc20a7e72d6d631e49dcf3f9c849c3b51b12f3f4544 node-v21.6.2-linux-x64.tar.gz
|
||||||
c65cbf7342260df8e59dd2fe2e06dc1f36ac46c9d433a64cd84521fd4915c291 node-v21.6.1-linux-x64.tar.xz
|
593dd28f5c78d797e76b730937b95fcdfc594f053a8756b1d0860a4555bed58e node-v21.6.2-linux-x64.tar.xz
|
||||||
da16368922e7da397df62c9f7571880a5d7bb8506c43097b71edf4001bc9c628 node-v21.6.1.pkg
|
a0cdada31786f6ff1f82e8fd91bda23cd4f615a56acd3c9605cd468b60b8437a node-v21.6.2-win-arm64.7z
|
||||||
7e284d0d64c2edcec84ecfd5bda1d9e7b82a8a3fe401f8b7023c5bc1d9fdd4d5 node-v21.6.1.tar.gz
|
a201948e5f0df6de6c4b42dbcb42d7a10d3cb5b6dbb7a40e3f4244644d3b3d1a node-v21.6.2-win-arm64.zip
|
||||||
7a82f356d1dcba5d766f0e1d4c750e2e18d6290b710b7d19a8725241e7af1f60 node-v21.6.1.tar.xz
|
d450d170009d272c98765af3abf2bbc2903c1c08856f9e3730be03cc9d9b2bc5 node-v21.6.2-win-x64.7z
|
||||||
b368ed9585ace23d145569ec670fbcbe29d2014c4fa9383705edfba9e12ec432 node-v21.6.1-win-arm64.7z
|
99bac3a930bd487e53c5a35b3e2f5ec102053316d7eb89f93273d916d57353a2 node-v21.6.2-win-x64.zip
|
||||||
043d147e0fd55dd044ef304d4d87303f69bdf3bd1a6fd715871eee3df7f153dd node-v21.6.1-win-arm64.zip
|
44dee171378d7ac9967e772a8f114be5fdf59a163f65ec5faa7411c8be3bc961 node-v21.6.2-win-x86.7z
|
||||||
c09bf7f09eb3aab90b1d1a6daae9f2b99704333fe6bb83a757bd2de8d2f849a1 node-v21.6.1-win-x64.7z
|
1701b32ba5315c794c2a64ef4a71e93ad2a6c109acf5b577d628413a7dc5cd04 node-v21.6.2-win-x86.zip
|
||||||
a74b3933e73982553c1fdea3a3a27b09488ac09845e230c7532d4387c0f9c8fe node-v21.6.1-win-x64.zip
|
e081647df79c833e9d62e7edff5e9e01dbd5b78417dff6ef149e6384e8327bcf node-v21.6.2-x64.msi
|
||||||
8d936365d2473e5f11452d60a61b041ce3a95e93686cef8fb1248516f56407de node-v21.6.1-win-x86.7z
|
12960661f83a1618adf57e84eddcd1886edec452d74f27318efde8b92a25c91a node-v21.6.2-x86.msi
|
||||||
1d0cdad8b691fc1a92cf1d301ea24c905d36d36f9134a7a7e4c60ce12eef6393 node-v21.6.1-win-x86.zip
|
6b5d7153dffec20487cbcb81d5ebaf97e6678eb463337e8429ba4e7b60754505 node-v21.6.2.pkg
|
||||||
6ced3da3d4689a150452a2a6bce30d4c61067e9ec37cb89f56cc930a7ae468a4 node-v21.6.1-x64.msi
|
9020fb36ec7e04f5032944c8422c2004350e9bfcd5e835ac3c90b74981c1f3e0 node-v21.6.2.tar.gz
|
||||||
bcf13ea38a038fa4c156f6795d8f7d05b1c4a7dc3804c99717cbd0321199bb2b node-v21.6.1-x86.msi
|
191294d445d1e6800359acc8174529b1e18e102147dc5f596030d3dce96931e5 node-v21.6.2.tar.xz
|
||||||
292c6e750a066c7306b42375874eadca1a7e1e7351022f8bcc75083223c82bd1 win-arm64/node.exe
|
ae7ccd1298e8871e61c1223a929ff482fa43d29aa284118798f01a73e40b2b29 win-arm64/node.exe
|
||||||
7bf3d6ec7d4f20a33ec4bc6140a196da9bae6ea7ade0bfc312bde82fcf1e341e win-arm64/node.lib
|
cf6082f3ffb45335d41566805c7b844082f36042fa7dc2dc6aecdc3ce0e7c79a win-arm64/node.lib
|
||||||
e36f9a1579efc8e4951dbaa54be610a968b039d41bcdab5fe971214f4d720061 win-arm64/node_pdb.7z
|
8cb47e9ebda0efb8578382db82001308bcb2de95e0275e0bca3ff4f03de140b1 win-arm64/node_pdb.7z
|
||||||
b50ca588dcdbe6c8e922b0ed3875e700e027349754b36f5c2e4078298cb8deff win-arm64/node_pdb.zip
|
cdb3d760f9aca9578135c25f299b382e074bfcb56b2d321acf278a0a76ec2eb4 win-arm64/node_pdb.zip
|
||||||
18888b1cb13e581cba0eae3444bd37aa1946c0eb7ddb4cb2352cc7213501b219 win-x64/node.exe
|
3f06d98986b4ddf7e9d258936bb7b8907c44c6e9a29c645a5aca04e5a26c0b53 win-x64/node.exe
|
||||||
062c4519e957aac29ee4e03ca5ff80212d72cd5f075e5d6e58f98fdd01d8b244 win-x64/node.lib
|
cacf06da3d7f04d0a0a5a901bfbdbaf0950cc5f73febf7b2f451b27c7f6265b1 win-x64/node.lib
|
||||||
ac048ae771d7bb4c35307dd8a3df384d947737ef25f804f442c08dd4f4eedf2b win-x64/node_pdb.7z
|
077739fded97d02d026db839aca840622c34b7e584efe294d40fc8d1bd9dc19a win-x64/node_pdb.7z
|
||||||
7a753ffdde2ea70324cd4d21d34cc7719f0a9772a93e6cf0dd8975101896a11b win-x64/node_pdb.zip
|
54c3a6fea6f832716bfe5d918a56ca1767ae89163729c34d866c2623c0a90edf win-x64/node_pdb.zip
|
||||||
4a7b36ebdb5a8f42e87a5c8b7e2b2dacf73c3f74fd2d060618138d8ee8a60e69 win-x86/node.exe
|
0aaa0f4635253afe9660f64a862786db555961ecc7217b68fa120817c0c56a00 win-x86/node.exe
|
||||||
ca3fefa67c54bf9b18913b4b0e95d1b61a82b9a3f09acb8feea8fb96f56bc3b8 win-x86/node.lib
|
ca6545afa230d2abdbf8ba19065f77b727bde72dfa253c466d876d0b3a7ea4ee win-x86/node.lib
|
||||||
c33858a9294444e08c1dfd1634c25f31ed0142c6a0e0d8c0ce58ed63f39840ae win-x86/node_pdb.7z
|
cf24de1e7157ac4bac77fccb255fe295e8639a349d5c9f8726fe3e6b5ccf8afc win-x86/node_pdb.7z
|
||||||
28dbc65626661a4510daf469a0da43a5166510dc6e26661a732533df648cdbc6 win-x86/node_pdb.zip
|
99f2345e0e737fbd7f8d94b4118d9dc820ebc198823de29324e1f1754f84c9e0 win-x86/node_pdb.zip
|
||||||
|
|||||||
Binary file not shown.
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:7a82f356d1dcba5d766f0e1d4c750e2e18d6290b710b7d19a8725241e7af1f60
|
|
||||||
size 42656664
|
|
||||||
3
node-v21.6.2.tar.xz
Normal file
3
node-v21.6.2.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:191294d445d1e6800359acc8174529b1e18e102147dc5f596030d3dce96931e5
|
||||||
|
size 42668368
|
||||||
@ -1,3 +1,18 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Feb 16 15:37:23 UTC 2024 - Adam Majer <adam.majer@suse.de>
|
||||||
|
|
||||||
|
- Update to 21.6.2: (security updates)
|
||||||
|
* (CVE-2024-21892, bsc#1219992) - Code injection and privilege escalation through Linux capabilities- (High)
|
||||||
|
* (CVE-2024-22019, bsc#1219993) - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High)
|
||||||
|
* (CVE-2024-21896, bsc#1219994) - Path traversal by monkey-patching Buffer internals- (High)
|
||||||
|
* (CVE-2024-22017, bsc#1219995) - setuid() does not drop all privileges due to io_uring - (High)
|
||||||
|
* (CVE-2023-46809, bsc#1219997) - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium)
|
||||||
|
* (CVE-2024-21891, bsc#1219998) - Multiple permission model bypasses due to improper path traversal sequence sanitization - (Medium)
|
||||||
|
* (CVE-2024-21890, bsc#1219999) - Improper handling of wildcards in --allow-fs-read and --allow-fs-write (Medium)
|
||||||
|
* (CVE-2024-22025, bsc#1220014) - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium)
|
||||||
|
* undici version 5.28.3 (CVE-2024-24758, bsc#1220017)
|
||||||
|
* libuv version 1.48.0
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Feb 12 14:51:32 UTC 2024 - Adam Majer <adam.majer@suse.de>
|
Mon Feb 12 14:51:32 UTC 2024 - Adam Majer <adam.majer@suse.de>
|
||||||
|
|
||||||
|
|||||||
@ -31,7 +31,7 @@
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
Name: nodejs21
|
Name: nodejs21
|
||||||
Version: 21.6.1
|
Version: 21.6.2
|
||||||
Release: 0
|
Release: 0
|
||||||
|
|
||||||
# Double DWZ memory limits
|
# Double DWZ memory limits
|
||||||
@ -298,7 +298,7 @@ BuildRequires: openssl >= %{openssl_req_ver}
|
|||||||
%else
|
%else
|
||||||
# bundled openssl
|
# bundled openssl
|
||||||
%if %node_version_number <= 12 && 0%{?suse_version} == 1315 && 0%{?sle_version} < 120400
|
%if %node_version_number <= 12 && 0%{?suse_version} == 1315 && 0%{?sle_version} < 120400
|
||||||
Provides: bundled(openssl) = 3.0.12
|
Provides: bundled(openssl) = 3.0.13
|
||||||
%else
|
%else
|
||||||
BuildRequires: bundled_openssl_should_not_be_required
|
BuildRequires: bundled_openssl_should_not_be_required
|
||||||
%endif
|
%endif
|
||||||
@ -371,10 +371,10 @@ ExclusiveArch: not_buildable
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
Provides: bundled(uvwasi) = 0.0.19
|
Provides: bundled(uvwasi) = 0.0.19
|
||||||
Provides: bundled(libuv) = 1.47.0
|
Provides: bundled(libuv) = 1.48.0
|
||||||
Provides: bundled(v8) = 11.8.172.17
|
Provides: bundled(v8) = 11.8.172.17
|
||||||
%if %{with intree_brotli}
|
%if %{with intree_brotli}
|
||||||
Provides: bundled(brotli) = 1.0.9
|
Provides: bundled(brotli) = 1.1.0
|
||||||
%else
|
%else
|
||||||
BuildRequires: pkgconfig(libbrotlidec)
|
BuildRequires: pkgconfig(libbrotlidec)
|
||||||
%endif
|
%endif
|
||||||
@ -383,8 +383,8 @@ BuildRequires: pkgconfig(libbrotlidec)
|
|||||||
Provides: bundled(llhttp) = 9.1.3
|
Provides: bundled(llhttp) = 9.1.3
|
||||||
Provides: bundled(ngtcp2) = 0.8.1
|
Provides: bundled(ngtcp2) = 0.8.1
|
||||||
Provides: bundled(base64) = 0.5.1
|
Provides: bundled(base64) = 0.5.1
|
||||||
Provides: bundled(simdutf) = 4.0.4
|
Provides: bundled(simdutf) = 4.0.8
|
||||||
Provides: bundled(simdjson) = 3.6.2
|
Provides: bundled(simdjson) = 3.6.3
|
||||||
# bundled url-ada parser, not ada
|
# bundled url-ada parser, not ada
|
||||||
Provides: bundled(ada) = 2.7.4
|
Provides: bundled(ada) = 2.7.4
|
||||||
|
|
||||||
@ -394,7 +394,7 @@ Provides: bundled(node-acorn-walk) = 8.3.1
|
|||||||
Provides: bundled(node-cjs-module-lexer) = 1.2.2
|
Provides: bundled(node-cjs-module-lexer) = 1.2.2
|
||||||
Provides: bundled(node-corepack) = 0.24.0
|
Provides: bundled(node-corepack) = 0.24.0
|
||||||
Provides: bundled(node-minimatch) = 9.0.3
|
Provides: bundled(node-minimatch) = 9.0.3
|
||||||
Provides: bundled(node-undici) = 5.28.2
|
Provides: bundled(node-undici) = 5.28.3
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. Node.js
|
Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. Node.js
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user