Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: nodejs21 | Distribution: openSUSE:Factory:zSystems |
Version: 21.7.2 | Vendor: openSUSE |
Release: 1.2 | Build date: Tue Apr 9 16:13:21 2024 |
Group: Development/Languages/NodeJS | Build host: reproducible |
Size: 51462535 | Source RPM: nodejs21-21.7.2-1.2.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: https://nodejs.org | |
Summary: Evented I/O for V8 JavaScript |
Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. Node.js uses an event-driven, non-blocking I/O model. Node.js has a package ecosystem provided by npm.
MIT
* Tue Apr 09 2024 Adam Majer <adam.majer@suse.de> - Update to 21.7.2: * Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash (High) (bsc#1222244, CVE-2024-27983) * HTTP Request Smuggling via Content Length Obfuscation (Medium) (bsc#1222384, CVE-2024-27982) * updated dependencies: + llhttp version 9.2.1 + undici version 6.11.1 (bsc#1222530, bsc#1222603, CVE-2024-30260, CVE-2024-30261) - node-gyp-addon-gypi.patch: adapted for new unit test layouts * Tue Apr 02 2024 Adam Majer <adam.majer@suse.de> - Update to 21.7.1 * revert "test_runner: do not invoke after hook when test is empty" * lib: return directly if udp socket close before lookup - Changes in 21.7.0 * util.styleText(format, text): This function returns a formatted text considering the format passed. * support for multi-line values for .env file * sea: support embedding assets * vm: support using the default loader to handle dynamic import() * crypto: implement crypto.hash() * http2: add h2 compat support for appendHeader - versioned.patch, nodejs-libpath.patch: refreshed - c-ares-fixes.patch: upstreamed, removed * Fri Feb 16 2024 Adam Majer <adam.majer@suse.de> - Update to 21.6.2: (security updates) * (CVE-2024-21892, bsc#1219992) - Code injection and privilege escalation through Linux capabilities- (High) * (CVE-2024-22019, bsc#1219993) - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High) * (CVE-2024-21896, bsc#1219994) - Path traversal by monkey-patching Buffer internals- (High) * (CVE-2024-22017, bsc#1219995) - setuid() does not drop all privileges due to io_uring - (High) * (CVE-2023-46809, bsc#1219997) - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium) * (CVE-2024-21891, bsc#1219998) - Multiple permission model bypasses due to improper path traversal sequence sanitization - (Medium) * (CVE-2024-21890, bsc#1219999) - Improper handling of wildcards in --allow-fs-read and --allow-fs-write (Medium) * (CVE-2024-22025, bsc#1220014) - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium) * undici version 5.28.3 (CVE-2024-24758, bsc#1220017) * libuv version 1.48.0 * Mon Feb 12 2024 Adam Majer <adam.majer@suse.de> - Update to 21.6.1: * Revert "stream: fix cloned webstreams not being unref'd" - Changes in 21.6.0: * New connection attempt events * --allow-addons to enable addon usage when using the Permission Model. * Support configurable snapshot through --build-snapshot-config flag - fix_ci_tests.patch: refreshed * Sat Jan 27 2024 xtex <xtexchooser@duck.com> - Add libalternative config for corepack * Mon Jan 08 2024 Adam Majer <adam.majer@suse.de> - Update to 21.5.0: * module: merge config with package_json_reader * src: move package resolver to c++ * doc: + deprecate hash constructor + deprecate dirent.path - linker_lto_jobs.patch: refreshed * Tue Jan 02 2024 Adam Majer <adam.majer@suse.de> - c-ares-fixes.patch: fixes unit tests for new c-ares * Mon Dec 11 2023 Adam Majer <adam.majer@suse.de> - Update to 21.4.0: * fs: introduce dirent.parentPath * fs: use default w flag for writeFileSync with utf8 encoding - Changes in 21.3.0: * New --disable-warning flag * Fast fs.writeFileSync with UTF-8 Strings For details, see https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V21.md#21.4.0 - fix_ci_tests.patch: added workaround for missing deps * Thu Nov 23 2023 Adam Majer <adam.majer@suse.de> - node-gyp-addon-gypi.patch: fix misapplied patch (bsc#1217424) * Wed Nov 15 2023 Adam Majer <adam.majer@suse.de> - Update to 21.2.0 * esm: add import.meta.dirname and import.meta.filename * fs: add stacktrace to fs/promises * lib: + add --no-experimental-global-navigator CLI flag + add navigator.language & navigator.languages + add navigator.platform * stream: + add support for deflate-raw format to webstreams compression + use Array for Readable buffer + optimize creation * test_runner: + adds built in lcov reporter + test_runner: add Date to the supported mock APIs + test_runner, cli: add --test-timeout flag For details see https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V21.md#21.2.0 - nodejs20-zlib-1.3.patch: upstreamed, dropped - node-gyp-addon-gypi.patch: rebased - fix_ci_tests.patch: partially upstreamed * Tue Nov 07 2023 Adam Majer <adam.majer@suse.de> - Package new version 21.1.0 For overview of changes and details since 20.x and earlier see https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V21.md#21.0.0 - imported the following patches from prior patches: + cares_public_headers.patch + fix_ci_tests.patch + flaky_test_rerun.patch + gcc13.patch + legacy_python.patch + linker_lto_jobs.patch + manual_configure.patch + node-gyp-addon-gypi.patch + node-gyp-config.patch + nodejs20-zlib-1.3.patch + nodejs-libpath.patch + npm_search_paths.patch + openssl_binary_detection.patch + qemu_timeouts_arches.patch + skip_no_console.patch + sle12_python3_compat.patch + test-skip-y2038-on-32bit-time_t.patch + versioned.patch
/usr/bin/node21 /usr/lib64/node_modules /usr/share/doc/packages/nodejs21 /usr/share/doc/packages/nodejs21/BUILDING.md /usr/share/doc/packages/nodejs21/CHANGELOG.md /usr/share/doc/packages/nodejs21/CHANGELOG_V21.md /usr/share/doc/packages/nodejs21/CODE_OF_CONDUCT.md /usr/share/doc/packages/nodejs21/CONTRIBUTING.md /usr/share/doc/packages/nodejs21/GOVERNANCE.md /usr/share/doc/packages/nodejs21/README.md /usr/share/doc/packages/nodejs21/SECURITY.md /usr/share/doc/packages/nodejs21/gdbinit /usr/share/doc/packages/nodejs21/glossary.md /usr/share/doc/packages/nodejs21/onboarding.md /usr/share/libalternatives /usr/share/libalternatives/node /usr/share/libalternatives/node/21.conf /usr/share/licenses/nodejs21 /usr/share/licenses/nodejs21/LICENSE /usr/share/man/man1/node21.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Sun Jun 9 12:30:25 2024