Overview Repositories Revisions Requests Users Attributes Meta

Revisions of nodejs21

buildservice-autocommit accepted request 1166607 from Adam Majer's avatar Adam Majer (adamm) (revision 28) 
baserev update by copy to link target
Adam Majer's avatar Adam Majer (adamm) committed (revision 27) 
  * Assertion failed in node::http2::Http2Session::~Http2Session()
    leads to HTTP/2 server crash (High) (bsc#1222244, CVE-2024-27983)
  * HTTP Request Smuggling via Content Length Obfuscation
    (Medium) (bsc#1222384, CVE-2024-27982)
    + undici version 6.11.1 (bsc#1222530, bsc#1222603, 
      CVE-2024-30260, CVE-2024-30261)
Adam Majer's avatar Adam Majer (adamm) committed (revision 26) 
- Update to 21.7.2:
  * CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session()
    leads to HTTP/2 server crash- (High) (bsc#1222244)
  * CVE-2024-27982 - HTTP Request Smuggling via Content Length
    Obfuscation- (Medium) (bsc#1222384)
  * updated dependencies:
    + llhttp version 9.2.1
    + undici version 6.11.1 (bsc#1222530, CVE-2024-30260)
- node-gyp-addon-gypi.patch: adapted for new unit test layouts
Adam Majer's avatar Adam Majer (adamm) committed (revision 25) 
- node-gyp-addon-gypi.patch: refreshed
Adam Majer's avatar Adam Majer (adamm) committed (revision 24)
Adam Majer's avatar Adam Majer (adamm) committed (revision 23)
Adam Majer's avatar Adam Majer (adamm) committed (revision 22)
Adam Majer's avatar Adam Majer (adamm) committed (revision 21) 
- Update to 21.7.1
  * revert "test_runner: do not invoke after hook when test is empty"
  * lib: return directly if udp socket close before lookup
- Changes in 21.7.0
  * util.styleText(format, text): This function returns a
    formatted text considering the format passed.
  * support for multi-line values for .env file
  * sea: support embedding assets
  * vm: support using the default loader to handle dynamic import()
  * crypto: implement crypto.hash()
  * http2: add h2 compat support for appendHeader
- versioned.patch, nodejs-libpath.patch: refreshed
- c-ares-fixes.patch: upstreamed, removed

- Add libalternative config for corepack
buildservice-autocommit accepted request 1147153 from Adam Majer's avatar Adam Majer (adamm) (revision 20) 
baserev update by copy to link target
Adam Majer's avatar Adam Majer (adamm) committed (revision 19) 
- Update to 21.6.2: (security updates)
  * (CVE-2024-21892, bsc#1219992) - Code injection and privilege escalation through Linux capabilities- (High)
  * (CVE-2024-22019, bsc#1219993) - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High)
  * (CVE-2024-21896, bsc#1219994) - Path traversal by monkey-patching Buffer internals- (High)
  * (CVE-2024-22017, bsc#1219995) - setuid() does not drop all privileges due to io_uring - (High)
  * (CVE-2023-46809, bsc#1219997) - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium)
  * (CVE-2024-21891, bsc#1219998) - Multiple permission model bypasses due to improper path traversal sequence sanitization - (Medium)
  * (CVE-2024-21890, bsc#1219999) - Improper handling of wildcards in --allow-fs-read and --allow-fs-write (Medium)
  * (CVE-2024-22025, bsc#1220014) - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium)
  * undici version 5.28.3 (CVE-2024-24758, bsc#1220017)
  * libuv version 1.48.0
buildservice-autocommit accepted request 1146410 from Adam Majer's avatar Adam Majer (adamm) (revision 18) 
baserev update by copy to link target
Adam Majer's avatar Adam Majer (adamm) committed (revision 17)
Adam Majer's avatar Adam Majer (adamm) committed (revision 16) 
- Update to 21.6.1:
  * Revert "stream: fix cloned webstreams not being unref'd"
- Changes in 21.6.0:
  * New connection attempt events
  * --allow-addons to enable addon usage when using the Permission Model.
  * Support configurable snapshot through --build-snapshot-config flag
- fix_ci_tests.patch: refreshed
buildservice-autocommit accepted request 1137596 from Adam Majer's avatar Adam Majer (adamm) (revision 15) 
baserev update by copy to link target
Adam Majer's avatar Adam Majer (adamm) committed (revision 14) 
- Update to 21.5.0:
  * module: merge config with package_json_reader
  * src: move package resolver to c++
  * doc:
    + deprecate hash constructor
    + deprecate dirent.path
- linker_lto_jobs.patch: refreshed
buildservice-autocommit accepted request 1136239 from Adam Majer's avatar Adam Majer (adamm) (revision 13) 
baserev update by copy to link target
Adam Majer's avatar Adam Majer (adamm) committed (revision 12) 
- c-ares-fixes.patch: fixes unit tests for new c-ares
buildservice-autocommit accepted request 1133448 from Adam Majer's avatar Adam Majer (adamm) (revision 11) 
baserev update by copy to link target
Adam Majer's avatar Adam Majer (adamm) committed (revision 10)
Adam Majer's avatar Adam Majer (adamm) committed (revision 9) 
- Update to 21.4.0:
  * fs: introduce dirent.parentPath
  * fs: use default w flag for writeFileSync with utf8 encoding
- Changes in 21.3.0:
  * New --disable-warning flag
  * Fast fs.writeFileSync with UTF-8 Strings
For details, see
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V21.md#21.4.0
- fix_ci_tests.patch: added workaround for missing deps
Displaying revisions 1 - 20 of 28
openSUSE Build Service is sponsored by
Places