From: Stacy Gaikovaia <[email protected]> Uprev nodejs in order to fix CVE-2020-8277. This CVE allows an attacker to trigger a DNS request for a host of their choice, which could trigger a Denial of Service in nodejs versions < 12.19.1.
See https://nvd.nist.gov/vuln/detail/CVE-2020-8277 for details. CVE: CVE-2020-8277 Signed-off-by: Stacy Gaikovaia <[email protected]> Signed-off-by: Khem Raj <[email protected]> --- .../nodejs/{nodejs_12.19.0.bb => nodejs_12.19.1.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-devtools/nodejs/{nodejs_12.19.0.bb => nodejs_12.19.1.bb} (98%) diff --git a/meta-oe/recipes-devtools/nodejs/nodejs_12.19.0.bb b/meta-oe/recipes-devtools/nodejs/nodejs_12.19.1.bb similarity index 98% rename from meta-oe/recipes-devtools/nodejs/nodejs_12.19.0.bb rename to meta-oe/recipes-devtools/nodejs/nodejs_12.19.1.bb index 9d15586238..8021fedf44 100644 --- a/meta-oe/recipes-devtools/nodejs/nodejs_12.19.0.bb +++ b/meta-oe/recipes-devtools/nodejs/nodejs_12.19.1.bb @@ -26,7 +26,7 @@ SRC_URI = "http://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz \ SRC_URI_append_class-target = " \ file://0002-Using-native-binaries.patch \ " -SRC_URI[sha256sum] = "3b671c45c493f96d7e018c15110cdbafa4478e5e5cfc9e6eec83cea9e6b551e1" +SRC_URI[sha256sum] = "74077e0cc3db000a6f3cc685b220e609807b61adc8e7d8243e8511d478d1b17d" S = "${WORKDIR}/node-v${PV}" -- 2.29.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#88308): https://lists.openembedded.org/g/openembedded-devel/message/88308 Mute This Topic: https://lists.openembedded.org/mt/78995019/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
