#14040 closed enhancement (fixed)

node.js-12.18.4 (Security issues)

Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: high Milestone: 10.1
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (3)

comment:1 by Bruce Dubbs, 11 months ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 11 months ago

Priority: normalhigh
Summary: node.js-12.18.4node.js-12.18.4 (Security issues)

Notable Changes

This is a security release.

Vulnerabilities fixed:

  • CVE-2020-8201: HTTP Request Smuggling due to CR-to-Hyphen conversion (High).
  • CVE-2020-8252: fs.realpath.native on may cause buffer overflow (Medium).

Commits

comment:3 by Bruce Dubbs, 11 months ago

Resolution: fixed
Status: assignedclosed

Fixed at version 23724.

Note: See TracTickets for help on using tickets.