Subject: CVS commit: pkgsrc/lang/nodejs
From: Adam Ciarcinski
Date: 2025-01-22 12:00:59
Message id: 20250122110059.2BD98FBDF@cvs.NetBSD.org
Log Message:
nodejs: updated to 23.6.1

Version 23.6.1 (Current)

Notable Changes

CVE-2025-23083 - src,loader,permission: throw on InternalWorker use when \ 
permission model is enabled (High)
CVE-2025-23085 - src: fix HTTP2 mem leak on premature close and ERR_PROTO (Medium)
CVE-2025-23084 - path: fix path traversal in normalize() on Windows (Medium)

Dependency update:

CVE-2025-22150 - Use of Insufficiently Random Values in undici fetch() (Medium)
Files:
RevisionActionfile
1.314modifypkgsrc/lang/nodejs/Makefile
1.280modifypkgsrc/lang/nodejs/distinfo