projects / feed / packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1d08138) | patch
node: August 2023 Security Releases 21779/head
authorHirokazu MORIKAWA <morikw2@gmail.com>
Thu, 10 Aug 2023 05:21:46 +0000 (14:21 +0900)
committerHirokazu MORIKAWA <morikw2@gmail.com>
Thu, 10 Aug 2023 05:21:46 +0000 (14:21 +0900)
commit153f0b3d83dcbab5e05f7c1b38067071e96a30aa
treeabc95a37334d8e7075ffa6cabe50eb395ef2c857tree | snapshot
parent1d08138c7760ce013ceb9b1611cacdd0fd51ac71commit | diff
node: August 2023 Security Releases

Update to v18.17.1
This is a security release.

Notable Changes
The following CVEs are fixed in this release:
* CVE-2023-32002: Policies can be bypassed via Module._load (High)
* CVE-2023-32006: Policies can be bypassed by module.constructor.createRequire (Medium)
* CVE-2023-32559: Policies can be bypassed via process.binding (Medium)
* OpenSSL Security Releases  (Depends on shared library provided by OpenWrt)
    * OpenSSL security advisory 14th July.
    * OpenSSL security advisory 19th July.
    * OpenSSL security advisory 31st July

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
lang/node/Makefile diff | blob | history
Mirror of packages feed