node: July 8, 2024 Security Releases

This is a security release.

Notable Changes

    CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High)
    CVE-2024-22020 - Bypass network import restriction via data URL (Medium)

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>

diff --git a/lang/node/Makefile b/lang/node/Makefile
index 8078dbad2b959ddfdd9508f7fdccf9dcc97853bd..b5c9489549c43f98cd31d8bfb66b21def2c6ec7e 100644 (file)
--- a/lang/node/Makefile
+++ b/lang/node/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=node
-PKG_VERSION:=v18.20.3
+PKG_VERSION:=v18.20.4
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://nodejs.org/dist/$(PKG_VERSION)
-PKG_HASH:=f35c9b9923c7b2e9243e7e2d10cd9ae61fbd5b925df3debbb72d5a70dbff555d
+PKG_HASH:=349259af6821f730bc4ca3a0e6576efc75ba86e546d118629a5b75eb8ebc3a0b
 
 PKG_MAINTAINER:=Hirokazu MORIKAWA <morikw2@gmail.com>, Adrian Panella <ianchi74@outlook.com>
 PKG_LICENSE:=MIT