node-linux-arm64 16.17.0 → 16.17.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/CHANGELOG.md +22 -0
  2. package/bin/node +0 -0
  3. package/include/node/node_version.h +1 -1
  4. package/package.json +1 -1
package/CHANGELOG.md CHANGED
@@ -9,6 +9,7 @@
9
9
  </tr>
10
10
  <tr>
11
11
  <td valign="top">
12
+ <a href="#16.17.1">16.17.1</a><br/>
12
13
  <a href="#16.17.0">16.17.0</a><br/>
13
14
  <a href="#16.16.0">16.16.0</a><br/>
14
15
  <a href="#16.15.1">16.15.1</a><br/>
@@ -63,6 +64,27 @@
63
64
  * [io.js](CHANGELOG_IOJS.md)
64
65
  * [Archive](CHANGELOG_ARCHIVE.md)
65
66
 
67
+ <a id="16.17.1"></a>
68
+
69
+ ## 2022-09-23, Version 16.17.1 'Gallium' (LTS), @ruyadorno
70
+
71
+ ### Notable changes
72
+
73
+ The following CVEs are fixed in this release:
74
+
75
+ * **[CVE-2022-32212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212)**: DNS rebinding in --inspect on macOS (High)
76
+ * **[CVE-2022-32213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32213)**: bypass via obs-fold mechanic (Medium)
77
+ * **[CVE-2022-35255](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255)**: Weak randomness in WebCrypto keygen
78
+ * **[CVE-2022-35256](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256)**: HTTP Request Smuggling - Incorrect Parsing of Header Fields (Medium)
79
+
80
+ More detailed information on each of the vulnerabilities can be found in [September 22nd 2022 Security Releases](https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/) blog post.
81
+
82
+ ### Commits
83
+
84
+ * \[[`a54283a638`](https://github.com/nodejs/node/commit/a54283a638)] - **crypto**: fix weak randomness in WebCrypto keygen (Ben Noordhuis) [nodejs-private/node-private#346](https://github.com/nodejs-private/node-private/pull/346)
85
+ * \[[`0713e21240`](https://github.com/nodejs/node/commit/0713e21240)] - **http**: disable chunked encoding when using OBS fold is used (Paolo Insogna) [nodejs-private/node-private#341](https://github.com/nodejs-private/node-private/pull/341)
86
+ * \[[`77fe2f32e4`](https://github.com/nodejs/node/commit/77fe2f32e4)] - **src**: fix IPv4 non routable validation (RafaelGSS) [nodejs-private/node-private#337](https://github.com/nodejs-private/node-private/pull/337)
87
+
66
88
  <a id="16.17.0"></a>
67
89
 
68
90
  ## 2022-08-16, Version 16.17.0 'Gallium' (LTS), @targos
package/bin/node CHANGED
Binary file
package/include/node/node_version.h CHANGED
@@ -24,7 +24,7 @@
24
24
 
25
25
  #define NODE_MAJOR_VERSION 16
26
26
  #define NODE_MINOR_VERSION 17
27
- #define NODE_PATCH_VERSION 0
27
+ #define NODE_PATCH_VERSION 1
28
28
 
29
29
  #define NODE_VERSION_IS_LTS 1
30
30
  #define NODE_VERSION_LTS_CODENAME "Gallium"
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "node-linux-arm64",
3
- "version": "v16.17.0",
3
+ "version": "v16.17.1",
4
4
  "description": "node",
5
5
  "bin": {
6
6
  "node": "bin/node"