Summary: | <net-libs/nodejs-{12.22.10,14.19.0,16.14.1}: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | himbeere, williamh |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/ | ||
Whiteboard: | B3 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 835588 | ||
Bug Blocks: |
Description
John Helmert III
2022-01-11 21:00:47 UTC
*** Bug 831351 has been marked as a duplicate of this bug. *** May I ask what prevents us from updating the nodejs ebuilds? Seems this bug ist marked of a bug which is in turn marked as a bug of this on. I meant duplicate of course. :) (In reply to Thomas Stein from comment #2) > May I ask what prevents us from updating the nodejs ebuilds? Seems this bug > ist marked of a bug which is in turn marked as a bug of this on. Presumably just maintainer time. NodeJS is somewhat notorious for requiring lots of maintenance time. That said: ping, William. I'll work on these bumps today. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b6286012b3486b92a400cd116512f807a9b20dcb commit b6286012b3486b92a400cd116512f807a9b20dcb Author: William Hubbs <williamh@gentoo.org> AuthorDate: 2022-03-17 21:39:19 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2022-03-17 21:39:19 +0000 net-libs/nodejs: add 12.22.10 Bug: https://bugs.gentoo.org/831037 Signed-off-by: William Hubbs <williamh@gentoo.org> net-libs/nodejs/Manifest | 1 + .../files/nodejs-12.22.10-global-npm-config.patch | 20 ++ net-libs/nodejs/nodejs-12.22.10.ebuild | 249 +++++++++++++++++++++ 3 files changed, 270 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4d409d22398cb3d4937d00663d3fdaed05f19763 commit 4d409d22398cb3d4937d00663d3fdaed05f19763 Author: William Hubbs <williamh@gentoo.org> AuthorDate: 2022-03-17 21:39:18 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2022-03-17 21:39:18 +0000 net-libs/nodejs: add 14.19.0 Bug: https://bugs.gentoo.org/831037 Signed-off-by: William Hubbs <williamh@gentoo.org> net-libs/nodejs/Manifest | 1 + .../files/nodejs-14.19.0-global-npm-config.patch | 20 ++ net-libs/nodejs/nodejs-14.19.0.ebuild | 241 +++++++++++++++++++++ 3 files changed, 262 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a9ef8e6d6d46839f8801ccbf71da5e1229eb0c3d commit a9ef8e6d6d46839f8801ccbf71da5e1229eb0c3d Author: William Hubbs <williamh@gentoo.org> AuthorDate: 2022-03-17 21:39:18 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2022-03-17 21:39:18 +0000 net-libs/nodejs: add 16.14.1 Bug: https://bugs.gentoo.org/831037 Signed-off-by: William Hubbs <williamh@gentoo.org> net-libs/nodejs/Manifest | 1 + net-libs/nodejs/nodejs-16.14.1.ebuild | 230 ++++++++++++++++++++++++++++++++++ 2 files changed, 231 insertions(+) Thanks! Please stabilize fixed 12.x and 14.x versions. Please cleanup The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=88bffd0cf8491b108b57ac229b72f8b472c31ed1 commit 88bffd0cf8491b108b57ac229b72f8b472c31ed1 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-05-08 11:16:15 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-05-08 11:16:37 +0000 [ GLSA 202405-29 ] Node.js: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/772422 Bug: https://bugs.gentoo.org/781704 Bug: https://bugs.gentoo.org/800986 Bug: https://bugs.gentoo.org/805053 Bug: https://bugs.gentoo.org/807775 Bug: https://bugs.gentoo.org/811273 Bug: https://bugs.gentoo.org/817938 Bug: https://bugs.gentoo.org/831037 Bug: https://bugs.gentoo.org/835615 Bug: https://bugs.gentoo.org/857111 Bug: https://bugs.gentoo.org/865627 Bug: https://bugs.gentoo.org/872692 Bug: https://bugs.gentoo.org/879617 Bug: https://bugs.gentoo.org/918086 Bug: https://bugs.gentoo.org/918614 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202405-29.xml | 121 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 121 insertions(+) |