-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-cc863e84da 2026-01-31 17:08:28.805767+00:00 --------------------------------------------------------------------------------
Name : nodejs24 Product : Fedora 42 Version : 24.13.0 Release : 4.fc42 URL : https://nodejs.org Summary : JavaScript runtime Description : Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. -------------------------------------------------------------------------------- Update Information: Update to version 24.13.0. -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 19 2026 tjuhasz <[email protected]> - 1:24.13.0-4 - Replace usage of man_info_compress to be funcional across all branches. * Mon Jan 19 2026 Andrei Radchenko <[email protected]> - 1:24.13.0-3 - build: expose libplatform symbols in shared libnode * Fri Jan 16 2026 Fedora Release Engineering <[email protected]> - 1:24.13.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Tue Jan 13 2026 tjuhasz <[email protected]> - 1:24.13.0-1 - Update to version 24.13.0 (rhbz#2421027) * Mon Jan 12 2026 Jan StanÄk <[email protected]> - 1:24.11.1-3 - Run version checks only on bundled components * Tue Dec 2 2025 tjuhasz <[email protected]> - 1:24.11.1-2 - Fix name collision of the COMPRESS variable in spec file. * Wed Nov 12 2025 tjuhasz <[email protected]> - 1:24.11.1-1 - Update to version 24.11.1 (rhbz#2414318) * Wed Nov 12 2025 tjuhasz <[email protected]> - 1:24.11.0-2 - Rebuild for nodejs-packaging * Wed Oct 29 2025 tjuhasz <[email protected]> - 1:24.11.0-1 - Update to version 24.11.0 (rhbz#2402617) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2421027 - nodejs24-24.13.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2421027 [ 2 ] Bug #2425803 - Undefined symbol after 24.11 update https://bugzilla.redhat.com/show_bug.cgi?id=2425803 [ 3 ] Bug #2430296 - CVE-2026-22036 nodejs24: Undici has an unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2430296 [ 4 ] Bug #2431453 - CVE-2025-55132 nodejs24: Nodejs filesystem permissions bypass [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431453 [ 5 ] Bug #2431460 - CVE-2026-21637 nodejs24: Nodejs denial of service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431460 [ 6 ] Bug #2431467 - CVE-2025-59466 nodejs24: Nodejs denial of service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431467 [ 7 ] Bug #2431474 - CVE-2025-59464 nodejs24: Nodejs memory leak [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431474 [ 8 ] Bug #2431487 - CVE-2025-59465 nodejs24: Nodejs denial of service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431487 [ 9 ] Bug #2431488 - CVE-2025-55131 nodejs24: Nodejs uninitialized memory exposure [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431488 [ 10 ] Bug #2431489 - CVE-2025-55130 nodejs24: Nodejs file permissions bypass [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431489 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-cc863e84da' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
-- _______________________________________________ package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
