-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 04 Mar 2021 00:29:51 +0100 Source: nodejs Architecture: source Version: 14.16.0~dfsg-1 Distribution: experimental Urgency: medium Maintainer: Debian Javascript Maintainers <pkg-javascript-de...@alioth-lists.debian.net> Changed-By: Jérémy Lal <kapo...@melix.org> Closes: 979698 Changes: nodejs (14.16.0~dfsg-1) experimental; urgency=medium . [ Jérémy Lal ] * New upstream version 14.16.0~dfsg Fixed vulnerabilities: + CVE-2021-22883: HTTP2 'unknownProtocol' cause DoS by resource exhaustion + CVE-2021-22884: localhost6 DNS rebinding in --inspect * Refresh make-doc patch * Patch to always use pure javascript cjs lexer * copyright: cjs-module-lexer is expat * copyright: exclude cjs-module-lexer unbuildable files * copyright: fix some copyright years * copyright: shjs is no longer used * lintian-overrides: false positive for a unicode regexp . [ Xavier Guimard ] * Embed @types/node 14 * Provides node-types-node (Closes: #979698) * Use secure copyright file specification URI. * Set upstream metadata fields: Security-Contact. * Bump debhelper compatibility level to 13 * Declare compliance with policy 4.5.1 * Use secure URI in Homepage field. * Add "Rules-Requires-Root: no" * Modernize debian/watch * Add ctype=nodejs to component(s) * Update d/copyright urls Checksums-Sha1: 33cc08048de15b5c04847843d32342209a9ff9db 3464 nodejs_14.16.0~dfsg-1.dsc 8c254868fb7fdd6e011c7d97939d53626cecdcf5 89040 nodejs_14.16.0~dfsg.orig-types-node.tar.xz 8d2921d305989633453c90bbe9aa32ce10af4011 18876272 nodejs_14.16.0~dfsg.orig.tar.xz fcfdb817227aaa76dfe99656fa7c88c1548aa4d7 134392 nodejs_14.16.0~dfsg-1.debian.tar.xz 92ded56bb5a0aa948b72897842ff6c97720ad36b 8296 nodejs_14.16.0~dfsg-1_source.buildinfo Checksums-Sha256: d2df71b80046b0e14410db68dbd447e111e6d11205cb898bd86fec46f886d7da 3464 nodejs_14.16.0~dfsg-1.dsc 61e9921331af55775fc390c3b2924aae9c5cb8f55fc8efebd28f4c73df619e0d 89040 nodejs_14.16.0~dfsg.orig-types-node.tar.xz 2805273cd227cffd2b93d921f2dfb627911ef12f147bd9da8287c3023c84d673 18876272 nodejs_14.16.0~dfsg.orig.tar.xz 098b90f9972e35e61bea1cd0f5f4ca9e4c9ed4e4dca128a06f31943c4599637b 134392 nodejs_14.16.0~dfsg-1.debian.tar.xz 404ea9b77e6c11cc37d5fe05ca0fd54e2211d0f88bce07739c0835c44f1dc7e2 8296 nodejs_14.16.0~dfsg-1_source.buildinfo Files: 38a5ed6bc174e91f440debffb015b55a 3464 javascript optional nodejs_14.16.0~dfsg-1.dsc b2adad7b9249a00a54e9b70e2bf9d1b3 89040 javascript optional nodejs_14.16.0~dfsg.orig-types-node.tar.xz 94ec509608b4ebd747ae9f0d09fcd9af 18876272 javascript optional nodejs_14.16.0~dfsg.orig.tar.xz de3f2c2b4dfe09e4b2c6d821af31275c 134392 javascript optional nodejs_14.16.0~dfsg-1.debian.tar.xz 9c35a75d06a5ec5a8d33dc167938a674 8296 javascript optional nodejs_14.16.0~dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE----- iQJGBAEBCgAwFiEEA8Tnq7iA9SQwbkgVZhHAXt0583QFAmBAHDoSHGthcG91ZXJA bWVsaXgub3JnAAoJEGYRwF7dOfN08hAP/28eExOPLKVHhp9PymdUZJzyFJWr9tvA XpC6M7zYFsOb37KwQWbh9Dbs0Mmr1suAadSbvJUdTzit25WbvmUbQMeL8sDdCGhn gRHVBme63lkm4MVY82LTZbeK8ckgABpnbJpXleisSiJIjmRvHTxfC8/M7S+lA6sz hx0tbapMlBhjJEwXVPCXkhxhPU4QHNRu3PSnnazvXvRhMCYEc3wmKq7110iz0N8X Gq3MyUP4NeEWqvZWDbV3SVuoaD8KKt7yMFLJ+VFlySvt34sz4wBcpHyBieIHiuG0 UTYCa2XcSkPzbvSBihALWa8KJlI86O4mEfudBXK21W2ZAsgQI9CiB7uYWO73IVO8 pAAyUrzn/hhQf7fbqmUKGtmCyEXgTSiY7nhtn9mrLEg34tf+Gy4pILHniJtCKBpO RDCp3E1lGZ8J2vdM4qmmTcX3B1t4AzBxPMEzCxILT0GBTqbShZq9OdHbDBQnnZxq H0kwbqLxkPgen5p6Yogmm+nUGSS35l7ArGvXZqiaDNhTy5jF+uGIdY59P7FjDt9b 4voKotiFZ/UknWibpV/6qJTS1z0WV+dYxrPG5Yc4iDmVs1v8+RLSsfGc7vsClIB0 0rGL7DdiS5W9Xa9kyS3uECIpTmnDhVlcmS3Imp4uQIUcVnenSz3T61uVkAJiKJqM S33+k5gwmsH4 =2NaU -----END PGP SIGNATURE-----