Package node: Information

    Source package: node
    Version: 18.18.2-alt1
    Build time:  Nov 29, 2023, 01:30 PM
    Report package bug
    Home page: http://nodejs.org/

    License: MIT
    Summary: Evented I/O for V8 Javascript
    Description: 
    Node.js is a server-side JavaScript environment that uses an asynchronous
    event-driven model.  Node's goal is to provide an easy way to build scalable
    network programs.

    List of rpms provided by this srpm:
    node (riscv64)
    node-debuginfo (riscv64)
    node-devel (riscv64)
    node-doc (noarch)

    Maintainer: Vitaly Lipatov


      1. python3-devel
      2. gcc-c++
      3. python3-module-simplejson
      4. openssl
      5. openssl-devel >= 3.0.8
      6. /proc
      7. libicu-devel >= 7.2
      8. rpm-build-intro >= 2.1.14
      9. libbrotli-devel
      10. rpm-macros-features
      11. rpm-macros-nodejs
      12. libuv-devel >= 1.44.2
      13. curl
      14. libnghttp2-devel >= 1.51.0
      15. libcares-devel >= 1.19.1
      16. zlib-devel >= 1.2.13
      17. gyp >= 0.14.0

    Last changed


    Nov. 2, 2023 Vitaly Lipatov 18.18.2-alt1
    - new version 18.18.2 (with rpmrb script)
    - note: libuv reverted to 1.44.2 in upstream due some regressions
    Oct. 12, 2023 Vitaly Lipatov 18.18.1-alt1
    - new version 18.18.1 (with rpmrb script)
    July 29, 2023 Vitaly Lipatov 18.17.0-alt1
    - new version 18.17.0 (with rpmrb script)
    - set npm >= 9.6.7
    - CVE-2023-30581: mainModule.__proto__ Bypass Experimental Policy Mechanism (High)
    - CVE-2023-30585: Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium)
    - CVE-2023-30588: Process interuption due to invalid Public Key information in x509 certificates (Medium)
    - CVE-2023-30589: HTTP Request Smuggling via Empty headers separated by CR (Medium)
    - CVE-2023-30590: DiffieHellman does not generate keys after setting a private key (Medium)