Package node: Information

    Binary package: node
    Version: 16.19.1-alt1
    Architecture: ppc64le
    Build time:  Mar 22, 2023, 09:41 PM in the task #316988
    Source package: node
    Report package bug
    Home page: http://nodejs.org/

    License: MIT
    Summary: Evented I/O for V8 Javascript
    Description: 
    Node.js is a server-side JavaScript environment that uses an asynchronous
    event-driven model.  Node's goal is to provide an easy way to build scalable
    network programs.

    Maintainer: Vitaly Lipatov


    Last changed


    March 13, 2023 Vitaly Lipatov 16.19.1-alt1
    - new version 16.19.1 (with rpmrb script)
    - CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High)
    - CVE-2023-23919: Node.js OpenSSL error handling issues in nodejs crypto library (Medium)
    - CVE-2023-23920: Node.js insecure loading of ICU data through ICU\_DATA environment variable (Low)
    - CVE-2023-23936: Fetch API in Node.js did not protect against CRLF injection in host headers (Medium)
    - CVE-2023-24807: Regular Expression Denial of Service in Headers in Node.js fetch API (Low)
    - set openssl >= 1.1.1s
    - set npm >= 8.19.3
    Nov. 23, 2022 Vitaly Lipatov 16.18.1-alt1
    - new version 16.18.1 (with rpmrb script)
    - CVE-2022-43548: DNS rebinding in --inspect via invalid octal IP address (Medium)
    Oct. 16, 2022 Vitaly Lipatov 16.18.0-alt1
    - new version 16.18.0 (with rpmrb script)
    - set npm >= 8.19.2