Back to nodejs PTS page

Accepted nodejs 18.19.1+dfsg-1 (source) into unstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 18 Feb 2024 18:12:23 +0100
Source: nodejs
Architecture: source
Version: 18.19.1+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@alioth-lists.debian.net>
Changed-By: Jérémy Lal <kapouer@melix.org>
Closes: 1059168 1064055
Changes:
 nodejs (18.19.1+dfsg-1) unstable; urgency=medium
 .
   * New upstream version 18.19.1. Closes: 1064055.
     + CVE-2024-21892 (High)
       Code injection and privilege escalation through Linux capabilities
     + CVE-2024-22019 (High)
       Reading unprocessed HTTP request with unbounded chunk
       extension allows DoS attacks
     + CVE-2023-46809 (Medium)
       Marvin Attack vulnerability against PKCS#1 v1.5 padding
   * new architecture: loong64, thanks to Shi Pujin
   * patch:
     + let loong64 have some failing tests
     + more doc for localhost-no-addrconfig
     + allow test-debugger-heap-profiler to fail. Closes: #1059168
     + disable zlib embedding in v8, disable snapshot compression
   * override lintian source warning for zlib brotli test string
   * fix boostrapping of nodejs package:
     + update README.source
     + nodoc: disable bash completion output
     + patch: disable shared builtins when flag
       node-builtin-modules-path is used
   * include permission headers in libnode-dev
   * B-D pkg-config becomes pkgconf
Checksums-Sha1:
 0d0de63a10ea082a473f677af1b9a6be2b066337 4356 nodejs_18.19.1+dfsg-1.dsc
 2540b9b84f230689afcbf507a307d46d4ef2a411 269724 nodejs_18.19.1+dfsg.orig-ada.tar.xz
 4cad22f4545483163b468271d06f425b15f1dcf0 267236 nodejs_18.19.1+dfsg.orig-types-node.tar.xz
 c2d954a215b417e858e4750e687ef180333790a9 28802788 nodejs_18.19.1+dfsg.orig.tar.xz
 2f4699c23c652a71ae581b2b187756cb5c1fbd8b 163300 nodejs_18.19.1+dfsg-1.debian.tar.xz
 3451db4d91e2c65cf28d19c0f87495368ea19621 10959 nodejs_18.19.1+dfsg-1_source.buildinfo
Checksums-Sha256:
 7c5c6b0b6916f1be0abd263ba06fbfa5328dd4d5a4760bd20e1c6ba9b9daf481 4356 nodejs_18.19.1+dfsg-1.dsc
 0c3caa8771a2bc6ac5d32912d07383dcae8a0cf145ed6f7017cbf6b41478acd2 269724 nodejs_18.19.1+dfsg.orig-ada.tar.xz
 5bd8293f0adfb7bc744e3071bdbd184fd02f973931396ba816ff61514ecd62a9 267236 nodejs_18.19.1+dfsg.orig-types-node.tar.xz
 85e2a8604269306984d0c7cc3cdc028dc654d9a60c42a0e059e0104430732c61 28802788 nodejs_18.19.1+dfsg.orig.tar.xz
 fefe4bf79bb4b41e12907e2714d868a660df900a56453f48f60927ee189c6b13 163300 nodejs_18.19.1+dfsg-1.debian.tar.xz
 0720d16be5186b44d49515226ed9bfc92471bfeb0d48b5bc525d2aaf6d0cd197 10959 nodejs_18.19.1+dfsg-1_source.buildinfo
Files:
 37afa2914e24e18a5282cb08d8b6ebe9 4356 javascript optional nodejs_18.19.1+dfsg-1.dsc
 327a080764e93ab10a593efba5b84fd3 269724 javascript optional nodejs_18.19.1+dfsg.orig-ada.tar.xz
 8cabd2aa436c05f698a17368826a8645 267236 javascript optional nodejs_18.19.1+dfsg.orig-types-node.tar.xz
 275b47ffe6863d3d98cda579aacea9ca 28802788 javascript optional nodejs_18.19.1+dfsg.orig.tar.xz
 9da9e0d945e8f74fad9bd4c29a9268a3 163300 javascript optional nodejs_18.19.1+dfsg-1.debian.tar.xz
 0c1e17b2f5b5d3df67a160bacd739fea 10959 javascript optional nodejs_18.19.1+dfsg-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCAAwFiEEA8Tnq7iA9SQwbkgVZhHAXt0583QFAmXSQmsSHGthcG91ZXJA
bWVsaXgub3JnAAoJEGYRwF7dOfN08GAP/0PFaphVoQJE3bnGvgKxBHk3T7ldx8Ta
1jlMZ4E8HGeDkgFpl0nu3NmnFTSkt7NGWypUbq23KbYCGjNvr+n2I+O4ntnsAAPH
co/FhcYw+SvAIUt6nMldr8N6e8U7N9i64lEdDwUN+Ry/rrdYJqpX9xDOu0N2VNZ3
m9X/Q5JE/NMgv5wRTRdnMfdUVN7QCqvx7rs4N2W9VXsPWTqHNMtbwV2wqVxPmYBH
YQlL/LRfQkEscZBfQopOTHMJyWLFRHko8+AR+/Gh8J4VnPqH2Ej9rLgqgjFWFt5m
mNHfmstZk2QVhIRkXvg0fsdkPIFBKTwyfVTbAc6lR/viJPG7KyfqS36qBm0BLiBt
rP2UHy/I21hV9bgkebB+kXYkWT8GhtQ6VthhcLhP3lXkyj7ElyQxOG1CcQFbFXEK
yWp4JFhGRdHHuoSAlvOd3MeaMaZo59PdOGE3JQ1ogTmBn/F6iPWiqkyyQ6ovd/yz
olp0CaQq17X8BRs2R3PxLPQLa9BkgBPASVH/4VZZGALqBYBN3T8R5uf36/Ps43X0
cpBZONFM64oXv+/I8sGqvrrJxZzDWtGokUuttEoOawYOKtlMbAIzpomaP0PV1HY3
uaSxijm+4JxVO/E1wudoRLSc8JRKTk845+iYCo/x2VSNgwKYFduy6fFgKcX4exBC
q5ZjeQbicfqY
=ETPI
-----END PGP SIGNATURE-----

Attachment: pgpgsitMYxGb5.pgp
Description: PGP signature