Subject: CVS commit: [pkgsrc-2022Q3] pkgsrc/lang/nodejs14
From: Benny Siegert
Date: 2022-10-03 16:02:17
Message id: 20221003140217.3C665FA90@cvs.NetBSD.org

Log Message:
Pullup ticket #6674 - requested by taca
lang/nodejs14: security fix

Revisions pulled up:
- lang/nodejs14/Makefile                                        1.5
- lang/nodejs14/distinfo                                        1.4

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Tue Sep 27 07:54:19 UTC 2022

   Modified Files:
   	pkgsrc/lang/nodejs14: Makefile distinfo

   Log Message:
   nodejs14: updated to 14.20.1

   Version 14.20.1 'Fermium' (LTS)

   This is a security release.

   Notable changes

   The following CVEs are fixed in this release:

   CVE-2022-32212: DNS rebinding in --inspect on macOS (High)
   CVE-2022-32213: bypass via obs-fold mechanic (Medium)
   CVE-2022-35256: HTTP Request Smuggling Due to Incorrect Parsing of Header \ 
Fields (Medium)

Files:
RevisionActionfile
1.4.2.1modifypkgsrc/lang/nodejs14/Makefile
1.3.2.1modifypkgsrc/lang/nodejs14/distinfo