NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3be4e5532f
kumquat-buildroot/package/nodejs/nodejs.hash
Peter Korsgaard 0de2c9c76c package/nodejs: security bump to version 8.14.0 
Fixes the following security vulnerabilities:

- Node.js: Denial of Service with large HTTP headers (CVE-2018-12121)
- Node.js: Slowloris HTTP Denial of Service (CVE-2018-12122 / Node.js)
- Node.js: Hostname spoofing in URL parser for javascript protocol
  (CVE-2018-12123)
- Node.js: HTTP request splitting (CVE-2018-12116)
- OpenSSL: Timing vulnerability in DSA signature generation (CVE-2018-0734)
- OpenSSL: Microarchitecture timing vulnerability in ECC scalar
  multiplication (CVE-2018-5407)

For more details, see the announcement:
https://nodejs.org/en/blog/release/v8.14.0/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-12-10 11:47:50 +01:00

6 lines
253 B
Plaintext
Raw Blame History

# From https://nodejs.org/dist/v8.14.0/SHASUMS256.txt
sha256 8ce252913c9f6aaa9871f2d9661b6e54858dae2f0064bd3c624676edb09083c4 node-v8.14.0.tar.xz
# Hash for license file
sha256 b87be6c1479ed977481115869c2dd8b6d59e5ea55aa09939d6c898242121b2f5 LICENSE
Reference in New Issue View Git Blame Copy Permalink