NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/nodejs: security bump to version 14.20.1

Browse Source 
Fixes the following security issues:

- CVE-2022-32212: DNS rebinding in --inspect on macOS (High)
- CVE-2022-32213: bypass via obs-fold mechanic (Medium)
- CVE-2022-35256: HTTP Request Smuggling Due to Incorrect Parsing of Header
  Fields (Medium)

https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard 2022-10-13 14:56:27 +02:00
parent aa47ae19ed
commit d805244ed2
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/nodejs/nodejs.hash
View File

@ -1,5 +1,5 @@
# From https://nodejs.org/dist/v14.20.0/SHASUMS256.txt
sha256 2b5098498889d1e6a9709d63f3d6f94e696a5ad8221618c5d51159cee363996a node-v14.20.0.tar.xz
# From https://nodejs.org/dist/v14.20.1/SHASUMS256.txt
sha256 365057ea661923cbfa71bdd7a8d0ace9ddff8d22d431ad92355f8433cecff14d node-v14.20.1.tar.xz
# Hash for license file
sha256 d05c4319d4955d6b3c7beab2711ff61448b31889560d4b125bfbd35f16d3d3af LICENSE

2
package/nodejs/nodejs.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
NODEJS_VERSION = 14.20.0
NODEJS_VERSION = 14.20.1
NODEJS_SOURCE = node-v$(NODEJS_VERSION).tar.xz
NODEJS_SITE = http://nodejs.org/dist/v$(NODEJS_VERSION)
NODEJS_DEPENDENCIES = \