From d805244ed2bc014ed2d170a4c3e31e3836fc722b Mon Sep 17 00:00:00 2001
From: Peter Korsgaard <peter@korsgaard.com>
Date: Thu, 13 Oct 2022 14:56:27 +0200
Subject: [PATCH] package/nodejs: security bump to version 14.20.1

Fixes the following security issues:

- CVE-2022-32212: DNS rebinding in --inspect on macOS (High)
- CVE-2022-32213: bypass via obs-fold mechanic (Medium)
- CVE-2022-35256: HTTP Request Smuggling Due to Incorrect Parsing of Header
  Fields (Medium)

https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/nodejs/nodejs.hash | 4 ++--
 package/nodejs/nodejs.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/nodejs/nodejs.hash b/package/nodejs/nodejs.hash
index ab79787e45..769fddae3b 100644
--- a/package/nodejs/nodejs.hash
+++ b/package/nodejs/nodejs.hash
@@ -1,5 +1,5 @@
-# From https://nodejs.org/dist/v14.20.0/SHASUMS256.txt
-sha256  2b5098498889d1e6a9709d63f3d6f94e696a5ad8221618c5d51159cee363996a  node-v14.20.0.tar.xz
+# From https://nodejs.org/dist/v14.20.1/SHASUMS256.txt
+sha256  365057ea661923cbfa71bdd7a8d0ace9ddff8d22d431ad92355f8433cecff14d  node-v14.20.1.tar.xz
 
 # Hash for license file
 sha256  d05c4319d4955d6b3c7beab2711ff61448b31889560d4b125bfbd35f16d3d3af  LICENSE
diff --git a/package/nodejs/nodejs.mk b/package/nodejs/nodejs.mk
index 262d60e86b..5bee082f14 100644
--- a/package/nodejs/nodejs.mk
+++ b/package/nodejs/nodejs.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-NODEJS_VERSION = 14.20.0
+NODEJS_VERSION = 14.20.1
 NODEJS_SOURCE = node-v$(NODEJS_VERSION).tar.xz
 NODEJS_SITE = http://nodejs.org/dist/v$(NODEJS_VERSION)
 NODEJS_DEPENDENCIES = \