projects / feed / packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 76bc13b) | patch
node: April 3, 2024 Security Releases
authorHirokazu MORIKAWA <morikw2@gmail.com>
Sun, 7 Apr 2024 02:47:53 +0000 (11:47 +0900)
committerTianling Shen <cnsztl@gmail.com>
Sun, 7 Apr 2024 10:01:33 +0000 (18:01 +0800)
commit8602f63b8db7efd93ad83f8f36e5a0d2a6e1d56a
tree2c4657d678053e18a0332cb01a770b5c56dc4d24tree | snapshot
parent76bc13be7a12b9c1eba7101ebefdd0632fb41efccommit | diff
node: April 3, 2024 Security Releases

Notable Changes
* CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
* CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
* llhttp version 9.2.1
* undici version 5.28.4

Changed to use gz according to main-snapshot

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
lang/node/Makefile diff | blob | history
lang/node/patches/003-path.patch diff | blob | history
Mirror of packages feed