summaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb
Commit message (Collapse)AuthorAgeFilesLines
* meta-oe: Remove True option to getVar callsakash hadke2025-01-221-1/+1
| | | | | | | | getVar() now defaults to expanding by default, thus remove the True option from getVar() calls with a regex search and replace. Signed-off-by: Akash Hadke <akash.hadke27@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: fix CVE-2023-46809Archana Polampalli2024-06-021-0/+1
| | | | | Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: fix CVE-2024-22025Archana Polampalli2024-06-021-0/+1
| | | | | Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: fix CVE-2024-22019Archana Polampalli2024-06-021-0/+1
| | | | | Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: Set CVE_PRODUCT to "node.js"virendra thakur2024-02-281-0/+2
| | | | | | | Set CVE_PRODUCT to 'node.js' for nodjs recipe Signed-off-by: virendra thakur <virendrak@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: fix CVE-2022-25883Polampalli, Archana2023-09-041-0/+1
| | | | | | | | | | | | | | | Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. References: https://nvd.nist.gov/vuln/detail/CVE-2022-25883 Upstream patches: https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441 Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: upgrade 16.20.1 -> 16.20.2Polampalli, Archana2023-08-111-0/+185
This release contains bug fixes only. The following CVEs have been addressed: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559 $ git log --oneline v16.20.1..v16.20.2 dadbde963f (tag: v16.20.2) 2023-08-09, Version 16.20.2 'Gallium' (LTS) d8ccfe9ad4 policy: handle Module.constructor and main.extensions bypass 242aaa0caa policy: disable process.binding() when enabled 40c3958a5a deps: update archs files for OpenSSL-1.1.1v a9ac9da89a deps: fix openssl crypto clean 362d4c7494 deps: upgrade openssl sources to OpenSSL_1_1_1v 7447de2794 Working on v16.20.2 https://github.com/nodejs/node/releases/tag/v16.20.2 Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-07 10:09:21 +0000