node-linux-s390x 23.6.0 → 23.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/CHANGELOG.md +24 -0
  2. package/bin/node +0 -0
  3. package/include/node/node_version.h +1 -1
  4. package/package.json +1 -1
package/CHANGELOG.md CHANGED
@@ -8,6 +8,7 @@
8
8
  </tr>
9
9
  <tr>
10
10
  <td>
11
+ <a href="#23.6.1">23.6.1</a><br/>
11
12
  <a href="#23.6.0">23.6.0</a><br/>
12
13
  <a href="#23.5.0">23.5.0</a><br/>
13
14
  <a href="#23.4.0">23.4.0</a><br/>
@@ -44,6 +45,29 @@
44
45
  * [io.js](CHANGELOG_IOJS.md)
45
46
  * [Archive](CHANGELOG_ARCHIVE.md)
46
47
 
48
+ <a id="23.6.1"></a>
49
+
50
+ ## 2025-01-21, Version 23.6.1 (Current), @RafaelGSS
51
+
52
+ This is a security release.
53
+
54
+ ### Notable Changes
55
+
56
+ * CVE-2025-23083 - src,loader,permission: throw on InternalWorker use when permission model is enabled (High)
57
+ * CVE-2025-23085 - src: fix HTTP2 mem leak on premature close and ERR\_PROTO (Medium)
58
+ * CVE-2025-23084 - path: fix path traversal in normalize() on Windows (Medium)
59
+
60
+ Dependency update:
61
+
62
+ * CVE-2025-22150 - Use of Insufficiently Random Values in undici fetch() (Medium)
63
+
64
+ ### Commits
65
+
66
+ * \[[`f2ad4d3af8`](https://github.com/nodejs/node/commit/f2ad4d3af8)] - **(CVE-2025-22150)** **deps**: update undici to v6.21.1 (Matteo Collina) [nodejs-private/node-private#654](https://github.com/nodejs-private/node-private/pull/654)
67
+ * \[[`0afc6f9600`](https://github.com/nodejs/node/commit/0afc6f9600)] - **(CVE-2025-23084)** **path**: fix path traversal in normalize() on Windows (RafaelGSS) [nodejs-private/node-private#555](https://github.com/nodejs-private/node-private/pull/555)
68
+ * \[[`3c7686163e`](https://github.com/nodejs/node/commit/3c7686163e)] - **(CVE-2025-23085)** **src**: fix HTTP2 mem leak on premature close and ERR\_PROTO (RafaelGSS) [nodejs-private/node-private#650](https://github.com/nodejs-private/node-private/pull/650)
69
+ * \[[`51938f023a`](https://github.com/nodejs/node/commit/51938f023a)] - **(CVE-2025-23083)** **src,loader,permission**: throw on InternalWorker use (RafaelGSS) [nodejs-private/node-private#629](https://github.com/nodejs-private/node-private/pull/629)
70
+
47
71
  <a id="23.6.0"></a>
48
72
 
49
73
  ## 2025-01-07, Version 23.6.0 (Current), @marco-ippolito
package/bin/node CHANGED
Binary file
package/include/node/node_version.h CHANGED
@@ -24,7 +24,7 @@
24
24
 
25
25
  #define NODE_MAJOR_VERSION 23
26
26
  #define NODE_MINOR_VERSION 6
27
- #define NODE_PATCH_VERSION 0
27
+ #define NODE_PATCH_VERSION 1
28
28
 
29
29
  #define NODE_VERSION_IS_LTS 0
30
30
  #define NODE_VERSION_LTS_CODENAME ""
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "node-linux-s390x",
3
- "version": "v23.6.0",
3
+ "version": "v23.6.1",
4
4
  "description": "node",
5
5
  "bin": {
6
6
  "node": "bin/node"