1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted nodejs 12.22.12~dfsg-1~deb11u1 (source) into proposed-updates

    From Debian FTP Masters@21:1/5 to All on Sat Feb 18 18:50:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Mon, 27 Jun 2022 00:01:12 +0200
    Source: nodejs
    Architecture: source
    Version: 12.22.12~dfsg-1~deb11u1
    Distribution: bullseye-security
    Urgency: medium
    Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@alioth-lists.debian.net>
    Changed-By: Jérémy Lal <kapouer@melix.org>
    Changes:
    nodejs (12.22.12~dfsg-1~deb11u1) bullseye-security; urgency=medium
    .
    * New upstream version 12.22.12
    Fixes a shutdown crash in Node-API (formerly N-API) and
    a potential stack overflow when using vm.runInNewContext().
    * Backport upstream fix for test_dns_lookupService_promises.js
    to pass also when /etc/services is not installed.
    * New upstream version 12.22.9
    + CVE-2021-44532: Certificate Verification Bypass
    via String Injection (Medium)
    + CVE-2021-44533: Incorrect handling of certificate subject
    and issuer fields (Medium
    + CVE-2022-21824: Prototype pollution via console.table
    properties (Low)
    * New upstream version 12.22.7
    + CVE-2021-22959: HTTP Request Smuggling due to
    spaced in headers (Medium)
    + CVE-2021-22960: HTTP Request Smuggling
    when parsing the body (Medium)
    Checksums-Sha1:
    4596647db82e451dc7aea58ee9d413121bd369c5 3505 nodejs_12.22.12~dfsg-1~deb11u1.dsc
    1fef218bb8d9f06059919565b50cc122dc10cebb 87112 nodejs_12.22.12~dfsg.orig-types-node.tar.xz
    502cfe0a9691d3974ca79e9f82aa4eed6eb24380 19005908 nodejs_12.22.12~dfsg.orig.tar.xz
    ae0b942805e1421d33d2b6804328573d6769c873 136992 nodejs_12.22.12~dfsg-1~deb11u1.debian.tar.xz
    fb45c81723206e1994ed8da77de544f1974e94c2 10298 nodejs_12.22.12~dfsg-1~deb11u1_source.buildinfo
    Checksums-Sha256:
    10cc3933f64cde21071c63d23d1b4df9dc0de29f135bd192809f41d723f082d4 3505 nodejs_12.22.12~dfsg-1~deb11u1.dsc
    e640dd32d922eed23cd5dabf56600cfd335ea5ce3c756dc96024adebf94555f8 87112 nodejs_12.22.12~dfsg.orig-types-node.tar.xz
    06f8eb29e52d5eb720c4ae2316b3c1b71efb12aa73bf27138f1cc776a7315aff 19005908 nodejs_12.22.12~dfsg.orig.tar.xz
    383c86b7f5d537f715e8449656a4841a27443d5ec6c57afe82451db4fb3824aa 136992 nodejs_12.22.12~dfsg-1~deb11u1.debian.tar.xz
    5caf10f9eebd3b4d6ad53d672e1b1b0d13bed4557d062e0c11390c393c4cc293 10298 nodejs_12.22.12~dfsg-1~deb11u1_source.buildinfo
    Files:
    1231a7a3b118013531c81226fbb1319f 3505 javascript optional nodejs_12.22.12~dfsg-1~deb11u1.dsc
    b3dc69de461763b2918b81ef426fe0ff 87112 javascript optional nodejs_12.22.12~dfsg.orig-types-node.tar.xz
    effb4e471c3cf4c7184d357a38985c56 19005908 javascript optional nodejs_12.22.12~dfsg.orig.tar.xz
    74ea416f392aab77619ddedf6da63838 136992 javascript optional nodejs_12.22.12~dfsg-1~deb11u1.debian.tar.xz
    110b89dfccbc3df004a717c5404ad379 10298 javascript optional nodejs_12.22.12~dfsg-1~deb11u1_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQJGBAEBCgAwFiEEA8Tnq7iA9SQwbkgVZhHAXt0583QFAmK5XPMSHGthcG91ZXJA bWVsaXgub3JnAAoJEGYRwF7dOfN0nCwQALG4URDn7Tzj4RL3S8ixLErHbWcN5/C3 +F1mmRcp/JcfpN2R032AIfIDkhwnDGAZxa15efg0xZwanqi+RldtaW5kDLoD5Xti I84WUmsfV1G5P1rPckPbExFWZZw3sKIodria4RxAd+m5B/bloCVDKXPlRNl1ksRK 31q+DM40IzZHIfme41IXS2Y2Upc3WNXcBM1bzJSjk8LGbFB+ig+MRItKONJqa15Y g7wXlQ5PWmuOuv05CB1+HhRv4uuhQBm5tlTxX5VWVrJrqI4mcrU44M6ksqqSMPR/ uqpIs3O+WOj/HQ51WgnjMAm9/C4faVsvnBta6WIAzGmHk/7x4xhX1k/mRoTNDSaf CsgYUmwUC+T+AIsAO3Gnhf5oWI4Zgb1wswsP8mgVWHCL+LH4rYA1ZZwvjy+IEyjA 2fTiK4U0soQf+VECfvjRRlgzjdFQFmnb/BDERijs7Oz7ighlyZnK62XXxFVqqPLt 6OwSPChxhp/nmMo1zMKdrPqXAOo+9xrWOS2k+/OOJFi9AI1q/G6XseJGpBSt8Jhe 9SeXyzpXPUjCF4aholoeV4kUbMQUbbnR6RqGItnX0BtwlN9lPtWbRUFYRvzx2S2t qiYKnyjFTHz1AZbO2NOowhj47ItvM3QjOgr4wnVDsNWkEBBPOT8p1+cJ2UOl/3hF
    kbLN6qZ3vSIv
    =4r98
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)