Subject: CVS commit: pkgsrc/lang/nodejs16
From: Adam Ciarcinski
Date: 2023-08-11 07:55:02
Message id: 20230811055502.A7FFBFBDB@cvs.NetBSD.org
Log Message:
nodejs: updated to 16.20.2

Version 16.20.2 'Gallium' (LTS)

Notable Changes

The following CVEs are fixed in this release:

* CVE-2023-32002: Policies can be bypassed via Module.\_load (High)
* CVE-2023-32006: Policies can be bypassed by module.constructor.createRequire \ 
(Medium)
* CVE-2023-32559: Policies can be bypassed via process.binding (Medium)
* OpenSSL Security Releases
Files:
RevisionActionfile
1.18modifypkgsrc/lang/nodejs16/Makefile
1.13modifypkgsrc/lang/nodejs16/distinfo