CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
1216d76bec
meta-openembedded/meta-oe/recipes-devtools/nodejs
History
Jason Schonberg 1216d76bec
nodejs: upgrade 22.12.0 -> 22.13.1 
Changelog for 22.13.0 : https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V22.md#22.13.0
Changelog for 22.13.1 : https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V22.md#22.13.1

The 22.13.1 release is a security fix addressing four CVEs.

    CVE-2025-23083 - src,loader,permission: throw on InternalWorker use when permission model is enabled (High)
    CVE-2025-23085 - src: fix HTTP2 mem leak on premature close and ERR_PROTO (Medium)
    CVE-2025-23084 - path: fix path traversal in normalize() on Windows (Medium)
    CVE-2025-22150 - Use of Insufficiently Random Values in undici fetch() (Medium)

I introduce a new patch with this recipe 0001-Do-not-use-glob-in-deps.patch to revert https://github.com/nodejs/node/commit/77e2869ca6

I restored 0001-deps-disable-io_uring-support-in-libuv.patch as suggested here : https://lore.kernel.org/all/20241207140642.181134-1-martin.jansa@gmail.com/

Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-01-24 18:20:07 -08:00
..
nodejs nodejs: upgrade 22.12.0 -> 22.13.1 2025-01-24 18:20:07 -08:00
nodejs-oe-cache-22.13 nodejs: upgrade 22.12.0 -> 22.13.1 2025-01-24 18:20:07 -08:00
nodejs_22.13.1.bb nodejs: upgrade 22.12.0 -> 22.13.1 2025-01-24 18:20:07 -08:00
nodejs-oe-cache-native_22.13.bb nodejs: upgrade 22.12.0 -> 22.13.1 2025-01-24 18:20:07 -08:00