CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2022/09/23 13:28:50
Modified files:
lang/node : Makefile distinfo
lang/node/patches: patch-node_gyp
Added files:
lang/node/patches: patch-configure
Log message:
security update to node-16.17.1, from maintainer Volker Schlecht
plus I added a patch to the configure script to prevent it from picking up
a non-default Python version at build time
HTTP Request Smuggling Due to Incorrect Parsing of Multi-line
Transfer-Encoding (Medium) (improper fix for CVE-2022-32215)
CVE-2022-32213 bypass via obs-fold mechanic (Medium) (CVE-2022-32213)
HTTP Request Smuggling Due to Incorrect Parsing of Header Fields
(Medium) (CVE-2022-35256)
Weak randomness in WebCrypto keygen (High) (CVE-2022-35255)
