[SECURITY] [DLA 4598-1] nodejs security update

[rouca]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4598-1                debian-...@lists.debian.org
https://www.debian.org/lts/security/                   Bastien Roucariès
May 24, 2026                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : nodejs
Version        : 12.22.12~dfsg-1~deb11u8
CVE ID         : CVE-2025-59465 CVE-2026-21637 CVE-2026-21714

Multiple vulnerabilities were discovered in Node.js, which could result
in denial of service or information disclosure.

For Debian 11 bullseye, these problems have been fixed in version
12.22.12~dfsg-1~deb11u8.

We recommend that you upgrade your nodejs packages.

For the detailed security status of nodejs please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/nodejs

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmoStEAACgkQADoaLapB
CF/A3w/+LtNCCWxCuByXDPG4jKlHL+FiFDU/Sg4YQZqb064934Out6tq01Dk24oC
mTDI3Nja03reabYBRw4HsjllPwbDeKqxSx9T2pdHQAC0thJC+Y8cMJdeSDIW4Chj
BCi1AUL6/QmKNg1J3koZUoKIzCadDMHoCAI4seLFpFRcNhPz046jjVeSHTXbN/Id
XdzbzRXkIfUyFcb6I2Y/5RmXftYQL1/UVD13tEcL/d0vIOG1hOGngK7T7F9mssyG
+doyiHF5vGUOpI2tmBtEhPFMGsDqTT+bvUEy3jh+i/jTrwrNADDg0Jyt6f48MoAM
bz3qWAbkJNWz5un5yiqKPrijIkvzPh8hckdRz8IjWQu9DZzh/k2o7RmwbbSiXQ6R
Cx0HWdWNSgKQFlliGFG2akVZrgMOJZUanrQlZ4zkZosipME8/93YUqH6GDeE+CMO
2Gk8ULyfW+SJVEhsiVdh6hFCOFS++lv07Ln26E+Z1cJUbABH/XCcenIqEwU8fmhK
oenJk1KUzQXwHo+4baMxqmRSsPVmqbLF5dSbs8IMKxxCp/sX3z1g1enwGwwSEP6J
E/hRXg9/87g97md+uaoImsDq5R3hnIOBclbS+Fx9BxscaFesptWmDpe6cgN0Cm3b
DE3RnjT3yLP8Kys5a0B/nANwl4DY8vHmdfu3x1mgRA36Op2ClKo=
=mNUA
-----END PGP SIGNATURE-----