From: Hirokazu MORIKAWA <morikw2@gmail.com>
Date: Fri, 8 Jul 2022 23:26:01 +0000 (+0900)
Subject: node: July 7th 2022 Security Releases
X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=8db0d09823764d50b38ff27a9b13cac7fa46bdd2;p=feed%2Fpackages.git

node: July 7th 2022 Security Releases

Update to v16.16.0

Release for the following issues:
HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)(CVE-2022-32213)
HTTP Request Smuggling - Improper Delimiting of Header Fields (Medium)(CVE-2022-32214)
HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)(CVE-2022-32215)
DNS rebinding in --inspect via invalid IP addresses (High)(CVE-2022-32212)

https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/

No vulnerabilities related with openssl (uses system openssl)

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
---

diff --git a/lang/node/Makefile b/lang/node/Makefile
index 12e8afde4a..811e07269a 100644
--- a/lang/node/Makefile
+++ b/lang/node/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=node
-PKG_VERSION:=v16.15.1
+PKG_VERSION:=v16.16.0
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://nodejs.org/dist/$(PKG_VERSION)
-PKG_HASH:=d4e99d3c1f69711109a67525571058e6009cddbc228e7d723b8fb4a454169b7d
+PKG_HASH:=145151eff3b2aa5ebe73384009c52271a83740ae687a93c98c628cd7d52736eb
 
 PKG_MAINTAINER:=Hirokazu MORIKAWA <morikw2@gmail.com>, Adrian Panella <ianchi74@outlook.com>
 PKG_LICENSE:=MIT