godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-08 02:09:48 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
e3bdcdd596f916458f86aafc628608ba977d953f
buildroot/package/nodejs
History
Peter Korsgaard e3bdcdd596 package/nodejs: security bump to version 12.22.6 
Fixes the following security issues:

- CVE-2021-37701: Arbitrary File Creation/Overwrite via insufficient symlink
  protection due to directory cache poisoning using symbolic links

- CVE-2021-37712: Arbitrary File Creation/Overwrite via insufficient symlink
  protection due to directory cache poisoning using symbolic links

- CVE-2021-37713: Arbitrary File Creation/Overwrite on Windows via
  insufficient relative path sanitization

- CVE-2021-39134: UNIX Symbolic Link (Symlink) Following in @npmcli/arborist

- CVE-2021-39135: UNIX Symbolic Link (Symlink) Following in @npmcli/arborist

For more details, see the advisory:
https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases2/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-09-18 19:42:46 +02:00
..
0001-check-if-uclibc-has-backtrace-support.patch
Config.in
nodejs.hash
package/nodejs: security bump to version 12.22.6
2021-09-18 19:42:46 +02:00
nodejs.mk
package/nodejs: security bump to version 12.22.6
2021-09-18 19:42:46 +02:00