Subject: CVS commit: pkgsrc/lang/nodejs20
From: Adam Ciarcinski
Date: 2025-01-22 12:00:01
Message id: 20250122110001.AB4E3FBDF@cvs.NetBSD.org
Log Message:
nodejs20: updated to 20.18.2

Version 20.18.2 'Iron' (LTS)

otable Changes

CVE-2025-23083 - throw on InternalWorker use when permission model is enabled (High)
CVE-2025-23085 - src: fix HTTP2 mem leak on premature close and ERR_PROTO (Medium)
CVE-2025-23084 - path: fix path traversal in normalize() on Windows (Medium)

Dependency update:

CVE-2025-22150 - Use of Insufficiently Random Values in undici fetch() (Medium)
Files:
RevisionActionfile
1.22modifypkgsrc/lang/nodejs20/Makefile
1.18modifypkgsrc/lang/nodejs20/distinfo