[Pkg-javascript-devel] nodejs_12.22.12~dfsg-1~deb11u1_source.changes ACCEPTED into proposed-updates->stable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Mon Jun 27 20:06:20 BST 2022
Mapping stable-security to proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 27 Jun 2022 00:01:12 +0200
Source: nodejs
Architecture: source
Version: 12.22.12~dfsg-1~deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel at alioth-lists.debian.net>
Changed-By: Jérémy Lal <kapouer at melix.org>
Changes:
nodejs (12.22.12~dfsg-1~deb11u1) bullseye-security; urgency=medium
.
* New upstream version 12.22.12
Fixes a shutdown crash in Node-API (formerly N-API) and
a potential stack overflow when using vm.runInNewContext().
* Backport upstream fix for test_dns_lookupService_promises.js
to pass also when /etc/services is not installed.
* New upstream version 12.22.9
+ CVE-2021-44532: Certificate Verification Bypass
via String Injection (Medium)
+ CVE-2021-44533: Incorrect handling of certificate subject
and issuer fields (Medium
+ CVE-2022-21824: Prototype pollution via console.table
properties (Low)
* New upstream version 12.22.7
+ CVE-2021-22959: HTTP Request Smuggling due to
spaced in headers (Medium)
+ CVE-2021-22960: HTTP Request Smuggling
when parsing the body (Medium)
Checksums-Sha1:
4596647db82e451dc7aea58ee9d413121bd369c5 3505 nodejs_12.22.12~dfsg-1~deb11u1.dsc
1fef218bb8d9f06059919565b50cc122dc10cebb 87112 nodejs_12.22.12~dfsg.orig-types-node.tar.xz
502cfe0a9691d3974ca79e9f82aa4eed6eb24380 19005908 nodejs_12.22.12~dfsg.orig.tar.xz
ae0b942805e1421d33d2b6804328573d6769c873 136992 nodejs_12.22.12~dfsg-1~deb11u1.debian.tar.xz
fb45c81723206e1994ed8da77de544f1974e94c2 10298 nodejs_12.22.12~dfsg-1~deb11u1_source.buildinfo
Checksums-Sha256:
10cc3933f64cde21071c63d23d1b4df9dc0de29f135bd192809f41d723f082d4 3505 nodejs_12.22.12~dfsg-1~deb11u1.dsc
e640dd32d922eed23cd5dabf56600cfd335ea5ce3c756dc96024adebf94555f8 87112 nodejs_12.22.12~dfsg.orig-types-node.tar.xz
06f8eb29e52d5eb720c4ae2316b3c1b71efb12aa73bf27138f1cc776a7315aff 19005908 nodejs_12.22.12~dfsg.orig.tar.xz
383c86b7f5d537f715e8449656a4841a27443d5ec6c57afe82451db4fb3824aa 136992 nodejs_12.22.12~dfsg-1~deb11u1.debian.tar.xz
5caf10f9eebd3b4d6ad53d672e1b1b0d13bed4557d062e0c11390c393c4cc293 10298 nodejs_12.22.12~dfsg-1~deb11u1_source.buildinfo
Files:
1231a7a3b118013531c81226fbb1319f 3505 javascript optional nodejs_12.22.12~dfsg-1~deb11u1.dsc
b3dc69de461763b2918b81ef426fe0ff 87112 javascript optional nodejs_12.22.12~dfsg.orig-types-node.tar.xz
effb4e471c3cf4c7184d357a38985c56 19005908 javascript optional nodejs_12.22.12~dfsg.orig.tar.xz
74ea416f392aab77619ddedf6da63838 136992 javascript optional nodejs_12.22.12~dfsg-1~deb11u1.debian.tar.xz
110b89dfccbc3df004a717c5404ad379 10298 javascript optional nodejs_12.22.12~dfsg-1~deb11u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCgAwFiEEA8Tnq7iA9SQwbkgVZhHAXt0583QFAmK5XPMSHGthcG91ZXJA
bWVsaXgub3JnAAoJEGYRwF7dOfN0nCwQALG4URDn7Tzj4RL3S8ixLErHbWcN5/C3
+F1mmRcp/JcfpN2R032AIfIDkhwnDGAZxa15efg0xZwanqi+RldtaW5kDLoD5Xti
I84WUmsfV1G5P1rPckPbExFWZZw3sKIodria4RxAd+m5B/bloCVDKXPlRNl1ksRK
31q+DM40IzZHIfme41IXS2Y2Upc3WNXcBM1bzJSjk8LGbFB+ig+MRItKONJqa15Y
g7wXlQ5PWmuOuv05CB1+HhRv4uuhQBm5tlTxX5VWVrJrqI4mcrU44M6ksqqSMPR/
uqpIs3O+WOj/HQ51WgnjMAm9/C4faVsvnBta6WIAzGmHk/7x4xhX1k/mRoTNDSaf
CsgYUmwUC+T+AIsAO3Gnhf5oWI4Zgb1wswsP8mgVWHCL+LH4rYA1ZZwvjy+IEyjA
2fTiK4U0soQf+VECfvjRRlgzjdFQFmnb/BDERijs7Oz7ighlyZnK62XXxFVqqPLt
6OwSPChxhp/nmMo1zMKdrPqXAOo+9xrWOS2k+/OOJFi9AI1q/G6XseJGpBSt8Jhe
9SeXyzpXPUjCF4aholoeV4kUbMQUbbnR6RqGItnX0BtwlN9lPtWbRUFYRvzx2S2t
qiYKnyjFTHz1AZbO2NOowhj47ItvM3QjOgr4wnVDsNWkEBBPOT8p1+cJ2UOl/3hF
kbLN6qZ3vSIv
=4r98
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-javascript-devel
mailing list