Next | Query returned 15 messages, browsing 1 to 10 | Previous

History of commit frequency

CVS Commit History:


   2023-10-12 13:37:44 by Adam Ciarcinski | Files touched by this commit (27) | Package removed
Log message:
nodejs14: removed; life ended on 2023-04-30
   2023-08-14 07:25:36 by Thomas Klausner | Files touched by this commit (1247)
Log message:
*: recursive bump for Python 3.11 as new default
   2023-07-03 14:57:53 by Thomas Klausner | Files touched by this commit (3)
Log message:
nodejs*: add upper bounds so only the requested version is pulled in
   2023-04-26 21:44:09 by Thomas Klausner | Files touched by this commit (6)
Log message:
*: recursive bump for ngtcp2 shlib major bump
   2023-04-19 19:42:12 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
nodejs14: build and install npm; bump revision
   2023-02-17 13:01:51 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
nodejs14: updated to 14.21.3

Version 14.21.3 'Fermium' (LTS)

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

* CVE-2023-23918: Node.js Permissions policies can be bypassed via \ 
process.mainModule (High)
* CVE-2023-23920: Node.js insecure loading of ICU data through ICU\_DATA \ 
environment variable (Low)
   2023-01-11 19:20:31 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
nodejs14: updated to 14.21.2

Version 14.21.2 'Fermium' (LTS)

Notable Changes

OpenSSL 1.1.1s

This OpenSSL version does not address any security vulnerabilities.

Root certificates updated to NSS 3.85

Time zone update to 2022f
   2022-12-03 22:34:38 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
nodejs14: enable corepack, disable dtrace, bump revision
   2022-11-23 14:15:03 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
nodejs14: updated to 14.21.1

Version 14.21.1 'Fermium' (LTS), @BethGriggs

This is a security release.

Notable changes

The following CVEs are fixed in this release:

* \ 
**[CVE-2022-43548](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548)**: \ 
DNS rebinding in --inspect via invalid octal IP address (Medium)
   2022-09-27 09:54:19 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
nodejs14: updated to 14.20.1

Version 14.20.1 'Fermium' (LTS)

This is a security release.

Notable changes

The following CVEs are fixed in this release:

CVE-2022-32212: DNS rebinding in --inspect on macOS (High)
CVE-2022-32213: bypass via obs-fold mechanic (Medium)
CVE-2022-35256: HTTP Request Smuggling Due to Incorrect Parsing of Header Fields \ 
(Medium)

Next | Query returned 15 messages, browsing 1 to 10 | Previous