1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.RC

  • Bug#1094134: [ftpmaster@ftp-master.debian.org: Accepted nodejs 20.18.2+

    From Salvatore Bonaccorso@21:1/5 to All on Sun Jan 26 21:20:01 2025
    Source: nodejs
    Source-Version: 20.18.2+dfsg-1

    ----- Forwarded message from Debian FTP Masters <ftpmaster@ftp-master.debian.org> -----

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Sun, 26 Jan 2025 16:31:48 +0100
    Source: nodejs
    Architecture: source
    Version: 20.18.2+dfsg-1
    Distribution: unstable
    Urgency: medium
    Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@alioth-lists.debian.net>
    Changed-By: Jérémy Lal <kapouer@melix.org>
    Changes:
    nodejs (20.18.2+dfsg-1) unstable; urgency=medium
    .
    * New upstream version 20.18.2+dfsg
    + CVE-2025-23083: Worker permission bypass via InternalWorker
    leak in diagnostics (High).
    + CVE-2025-23085: GOAWAY HTTP/2 frames cause memory leak outside heap
    (Medium).
    Checksums-Sha1:
    85db7463906fa905c49c99879e4fea7148d00587 4377 nodejs_20.18.2+dfsg-1.dsc
    36d594cccc87915a298fccaa4f30843f6a7af2ec 274900 nodejs_20.18.2+dfsg.orig-ada.tar.xz
    8d0ae83f8a0e0af54d3799b17887c8148c273205 300624 nodejs_20.18.2+dfsg.orig-types-node.tar.xz
    efd903039b54433bff2ab04e2e8ca38975515552 19455612 nodejs_20.18.2+dfsg.orig.tar.xz
    dce7a256ce83bce897249381618b4c0cbb65c26a 159708 nodejs_20.18.2+dfsg-1.debian.tar.xz
    ec6017ad9c5396e7e636adf747454284ee31fd4e 11714 nodejs_20.18.2+dfsg-1_source.buildinfo
    Checksums-Sha256:
    a41ca9b752d5bb4115c0c9f3d571d7b401b91de7661307f1dafb46b02c67152d 4377 nodejs_20.18.2+dfsg-1.dsc
    26deff017c505b316f2498aaf293c896f4ab92b5349b367cf21fe14fa2cbd1e1 274900 nodejs_20.18.2+dfsg.orig-ada.tar.xz
    bbce097408c158b4af7320f0e40c76dea4f4c289e1c6fd079aacbbb7e7fc963e 300624 nodejs_20.18.2+dfsg.orig-types-node.tar.xz
    cf352efa6172aa13c5208441f2d5a6d84e76edfc94ed68a0db8069a2780cd6c2 19455612 nodejs_20.18.2+dfsg.orig.tar.xz
    138fdf24fbefe4c8ef4f8c7d490cd6ffa1019b20b3160a81e99c17d3a18f6620 159708 nodejs_20.18.2+dfsg-1.debian.tar.xz
    fd65282ea17afd1c8db4aa2dd3412eb7d01b54bf7e300e9b0c3359180333d839 11714 nodejs_20.18.2+dfsg-1_source.buildinfo
    Files:
    e97f373529fa49f17c5bf39cbea8f33a 4377 javascript optional nodejs_20.18.2+dfsg-1.dsc
    fd9ff3be8b8b43905dd24c5af24aab16 274900 javascript optional nodejs_20.18.2+dfsg.orig-ada.tar.xz
    a8e00187c13c08d0c58d0f5cd6de96d7 300624 javascript optional nodejs_20.18.2+dfsg.orig-types-node.tar.xz
    4cb52fbbcc46ba8fa45bfdb9dadf2c54 19455612 javascript optional nodejs_20.18.2+dfsg.orig.tar.xz
    345fd0567ac98b91529137af4eb3eb65 159708 javascript optional nodejs_20.18.2+dfsg-1.debian.tar.xz
    ba6f3f69622745a48e98f25ca4953f05 11714 javascript optional nodejs_20.18.2+dfsg-1_source.buildinfo
    -----BEGIN PGP SIGNATURE-----

    iQJGBAEBCAAwFiEEA8Tnq7iA9SQwbkgVZhHAXt0583QFAmeWVYUSHGthcG91ZXJA bWVsaXgub3JnAAoJEGYRwF7dOfN0fFkP/iSB2A4Qvl9Jp4QWeL56dphgbxSezZAO FB/5z1ZdIFaqcemQ86+FkFYwRyKMYvq4FuUh+C7dNYBTpyTdcN7bZccM/aeC8Gsw QR7G4vlzqqXybMChdmvctIviwBG3bBTmnp1STZbyR6jM7CGvkUsooHg0bW2lTI9+ ZdUPiQu0IG6rbgatHNTTAdaekKSnrbcmYF+RSmeY0yZ/wMaL5JmPYavQ3rcCdlpd H44D3Sc1D9Zzeii+VzULrHrT4sw1aePjWbsMjFFHYRhdg404H/znByH6jkEygCJ0 PpixZ0mR+50mDNwXnzh0xTp8bvMSSvBTgYQ0fpY/gYBxUGm4LIzQ32tNakn2TdZR V7n4X3loA5KysbzKol6NIH3lcQzcY6/stD+xiB+fWGMz+WgxCtnevD6IcX5S3dSE cDGgKi5hKTDnz9FKc9ORGTCQbY3rC3Ma1axR9RnTzrlNIB8Bo+x5LQ9vSDTvrcVf OVk8ZCwdXhiMD++MpBsTk5NxeQU6XjaG5jWxmUrgy0EamCcj/g2k/ktibKP+LScz sIUR/xQGLj2/uzUxDccm9VU/HdFYOvF4GQWEi5aEbMHh2mF0J9/4QLY3o7pnixwK 5JSLallBLx7SsgvPEt75phDevxv8Qco6ek6Lz3yezHLSevnh2gWRz4iO6daJEAa3
    brZtk5yTdmSt
    =3pi3
    -----END PGP SIGNATURE-----

    ----- End forwarded message -----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)