node-linux-s390x 22.4.0 → 22.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/CHANGELOG.md +23 -0
  2. package/bin/node +0 -0
  3. package/include/node/node_version.h +1 -1
  4. package/package.json +1 -1
package/CHANGELOG.md CHANGED
@@ -8,6 +8,7 @@
8
8
  </tr>
9
9
  <tr>
10
10
  <td>
11
+ <a href="#22.4.1">22.4.1</a><br/>
11
12
  <a href="#22.4.0">22.4.0</a><br/>
12
13
  <a href="#22.3.0">22.3.0</a><br/>
13
14
  <a href="#22.2.0">22.2.0</a><br/>
@@ -41,6 +42,28 @@
41
42
  * [io.js](CHANGELOG_IOJS.md)
42
43
  * [Archive](CHANGELOG_ARCHIVE.md)
43
44
 
45
+ <a id="22.4.1"></a>
46
+
47
+ ## 2024-07-08, Version 22.4.1 (Current), @RafaelGSS
48
+
49
+ This is a security release.
50
+
51
+ ### Notable Changes
52
+
53
+ * CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High)
54
+ * CVE-2024-22020 - Bypass network import restriction via data URL (Medium)
55
+ * CVE-2024-22018 - fs.lstat bypasses permission model (Low)
56
+ * CVE-2024-36137 - fs.fchown/fchmod bypasses permission model (Low)
57
+ * CVE-2024-37372 - Permission model improperly processes UNC paths (Low)
58
+
59
+ ### Commits
60
+
61
+ * \[[`110902ff5e`](https://github.com/nodejs/node/commit/110902ff5e)] - **lib,esm**: handle bypass network-import via data: (RafaelGSS) [nodejs-private/node-private#522](https://github.com/nodejs-private/node-private/pull/522)
62
+ * \[[`0a0de3d491`](https://github.com/nodejs/node/commit/0a0de3d491)] - **lib,permission**: support fs.lstat (RafaelGSS)
63
+ * \[[`93574335ff`](https://github.com/nodejs/node/commit/93574335ff)] - **lib,permission**: disable fchmod/fchown when pm enabled (RafaelGSS) [nodejs-private/node-private#584](https://github.com/nodejs-private/node-private/pull/584)
64
+ * \[[`09899e6302`](https://github.com/nodejs/node/commit/09899e6302)] - **src**: handle permissive extension on cmd check (RafaelGSS) [nodejs-private/node-private#596](https://github.com/nodejs-private/node-private/pull/596)
65
+ * \[[`5d9c811634`](https://github.com/nodejs/node/commit/5d9c811634)] - **src,permission**: fix UNC path resolution (RafaelGSS) [nodejs-private/node-private#581](https://github.com/nodejs-private/node-private/pull/581)
66
+
44
67
  <a id="22.4.0"></a>
45
68
 
46
69
  ## 2024-07-02, Version 22.4.0 (Current), @targos
package/bin/node CHANGED
Binary file
package/include/node/node_version.h CHANGED
@@ -24,7 +24,7 @@
24
24
 
25
25
  #define NODE_MAJOR_VERSION 22
26
26
  #define NODE_MINOR_VERSION 4
27
- #define NODE_PATCH_VERSION 0
27
+ #define NODE_PATCH_VERSION 1
28
28
 
29
29
  #define NODE_VERSION_IS_LTS 0
30
30
  #define NODE_VERSION_LTS_CODENAME ""
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "node-linux-s390x",
3
- "version": "v22.4.0",
3
+ "version": "v22.4.1",
4
4
  "description": "node",
5
5
  "bin": {
6
6
  "node": "bin/node"