Debian
nodejs package

nodejs 18.13.0+dfsg1-1.1 source package in Debian

Changelog

nodejs (18.13.0+dfsg1-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Adapt testsuite failures in test-crypto-dh since OpenSSL 3.0.12/3.1.4
    (Closes: #1055416).
  * Adapt testsuite failures due TLSv < 1.1 available only at seclevel 0
    (Closes: #1052470).
  * CVE-2023-23919 (Node.js OpenSSL error handling issues in nodejs crypto
    library). (Closes: #1031834).
  * CVE-2023-23920 (Node.js insecure loading of ICU data through ICU_DATA
    environment variable) (Closes: #1031834).
  * CVE-2023-30590 (DiffieHellman do not generate keys after setting a private
    key) (Closes: #1039990).
  * CVE-2023-30589 (HTTP Request Smuggling via Empty headers separated by CR)
   (Closes: #1039990).
  * CVE-2023-30588 (Process interuption due to invalid Public Key information
    in x509 certificates) (Closes: #1039990).
  * CVE-2023-32559 (Permissions policies can be bypassed via process.binding)
    (Closes: #1050739).
  * CVE-2023-30581 (mainModule.proto bypass experimental policy mechanism)
    (Closes: #1039990).
  * CVE-2023-32002 (Permissions policies can be bypassed via Module._load)
    (Closes: #1050739).
  * CVE-2023-32006 (Permissions policies can impersonate other modules in
    using module.constructor.createRequire()) (Closes: #1050739).
  * CVE-2023-38552 (Integrity checks according to policies can be
    circumvented) (Closes: #1054892).
  * CVE-2023-39333 (Code injection via WebAssembly export names)
    (Closes: #1054892).

 -- Sebastian Andrzej Siewior <email address hidden>  Wed, 22 Nov 2023 18:15:44 +0100

Upload details

Uploaded by:
Debian Javascript Maintainers
Uploaded to:
Sid
Original maintainer:
Debian Javascript Maintainers
Architectures:
amd64 arm64 armel armhf i386 kfreebsd-i386 kfreebsd-amd64 mips mips64el mips64r6el mipsel powerpc ppc64 ppc64el riscv64 s390x all
Section:
web
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
nodejs_18.13.0+dfsg1-1.1.dsc 3.8 KiB 28f1b461b19098a6c8a7918fa1e233350160c429dcfd5d5859d9e510948048c2
nodejs_18.13.0+dfsg1.orig-types-node.tar.xz 247.6 KiB 3b6dcdfc5167c6d78c10844fa3f30e6eb6b58b64b674e2795533b2d2bcd366a4
nodejs_18.13.0+dfsg1.orig.tar.xz 24.5 MiB 570ad29f0f06ba743a9609d767b61a45293a233497f7417265cce4b49247a4d2
nodejs_18.13.0+dfsg1-1.1.debian.tar.xz 188.9 KiB 3bef0de67aa1831dc43fdda99f314cdb7b13361d3d3b34a88dd5df8b6e3cf23d

No changes file available.

Binary packages built by this source