Source: nodejs
Source-Version: 20.18.2+dfsg-1
----- Forwarded message from Debian FTP Masters
<ftpmas...@ftp-master.debian.org> -----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 26 Jan 2025 16:31:48 +0100
Source: nodejs
Architecture: source
Version: 20.18.2+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
<pkg-javascript-de...@alioth-lists.debian.net>
Changed-By: Jérémy Lal <kapo...@melix.org>
Changes:
nodejs (20.18.2+dfsg-1) unstable; urgency=medium
.
* New upstream version 20.18.2+dfsg
+ CVE-2025-23083: Worker permission bypass via InternalWorker
leak in diagnostics (High).
+ CVE-2025-23085: GOAWAY HTTP/2 frames cause memory leak outside heap
(Medium).
Checksums-Sha1:
85db7463906fa905c49c99879e4fea7148d00587 4377 nodejs_20.18.2+dfsg-1.dsc
36d594cccc87915a298fccaa4f30843f6a7af2ec 274900
nodejs_20.18.2+dfsg.orig-ada.tar.xz
8d0ae83f8a0e0af54d3799b17887c8148c273205 300624
nodejs_20.18.2+dfsg.orig-types-node.tar.xz
efd903039b54433bff2ab04e2e8ca38975515552 19455612
nodejs_20.18.2+dfsg.orig.tar.xz
dce7a256ce83bce897249381618b4c0cbb65c26a 159708
nodejs_20.18.2+dfsg-1.debian.tar.xz
ec6017ad9c5396e7e636adf747454284ee31fd4e 11714
nodejs_20.18.2+dfsg-1_source.buildinfo
Checksums-Sha256:
a41ca9b752d5bb4115c0c9f3d571d7b401b91de7661307f1dafb46b02c67152d 4377
nodejs_20.18.2+dfsg-1.dsc
26deff017c505b316f2498aaf293c896f4ab92b5349b367cf21fe14fa2cbd1e1 274900
nodejs_20.18.2+dfsg.orig-ada.tar.xz
bbce097408c158b4af7320f0e40c76dea4f4c289e1c6fd079aacbbb7e7fc963e 300624
nodejs_20.18.2+dfsg.orig-types-node.tar.xz
cf352efa6172aa13c5208441f2d5a6d84e76edfc94ed68a0db8069a2780cd6c2 19455612
nodejs_20.18.2+dfsg.orig.tar.xz
138fdf24fbefe4c8ef4f8c7d490cd6ffa1019b20b3160a81e99c17d3a18f6620 159708
nodejs_20.18.2+dfsg-1.debian.tar.xz
fd65282ea17afd1c8db4aa2dd3412eb7d01b54bf7e300e9b0c3359180333d839 11714
nodejs_20.18.2+dfsg-1_source.buildinfo
Files:
e97f373529fa49f17c5bf39cbea8f33a 4377 javascript optional
nodejs_20.18.2+dfsg-1.dsc
fd9ff3be8b8b43905dd24c5af24aab16 274900 javascript optional
nodejs_20.18.2+dfsg.orig-ada.tar.xz
a8e00187c13c08d0c58d0f5cd6de96d7 300624 javascript optional
nodejs_20.18.2+dfsg.orig-types-node.tar.xz
4cb52fbbcc46ba8fa45bfdb9dadf2c54 19455612 javascript optional
nodejs_20.18.2+dfsg.orig.tar.xz
345fd0567ac98b91529137af4eb3eb65 159708 javascript optional
nodejs_20.18.2+dfsg-1.debian.tar.xz
ba6f3f69622745a48e98f25ca4953f05 11714 javascript optional
nodejs_20.18.2+dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCAAwFiEEA8Tnq7iA9SQwbkgVZhHAXt0583QFAmeWVYUSHGthcG91ZXJA
bWVsaXgub3JnAAoJEGYRwF7dOfN0fFkP/iSB2A4Qvl9Jp4QWeL56dphgbxSezZAO
FB/5z1ZdIFaqcemQ86+FkFYwRyKMYvq4FuUh+C7dNYBTpyTdcN7bZccM/aeC8Gsw
QR7G4vlzqqXybMChdmvctIviwBG3bBTmnp1STZbyR6jM7CGvkUsooHg0bW2lTI9+
ZdUPiQu0IG6rbgatHNTTAdaekKSnrbcmYF+RSmeY0yZ/wMaL5JmPYavQ3rcCdlpd
H44D3Sc1D9Zzeii+VzULrHrT4sw1aePjWbsMjFFHYRhdg404H/znByH6jkEygCJ0
PpixZ0mR+50mDNwXnzh0xTp8bvMSSvBTgYQ0fpY/gYBxUGm4LIzQ32tNakn2TdZR
V7n4X3loA5KysbzKol6NIH3lcQzcY6/stD+xiB+fWGMz+WgxCtnevD6IcX5S3dSE
cDGgKi5hKTDnz9FKc9ORGTCQbY3rC3Ma1axR9RnTzrlNIB8Bo+x5LQ9vSDTvrcVf
OVk8ZCwdXhiMD++MpBsTk5NxeQU6XjaG5jWxmUrgy0EamCcj/g2k/ktibKP+LScz
sIUR/xQGLj2/uzUxDccm9VU/HdFYOvF4GQWEi5aEbMHh2mF0J9/4QLY3o7pnixwK
5JSLallBLx7SsgvPEt75phDevxv8Qco6ek6Lz3yezHLSevnh2gWRz4iO6daJEAa3
brZtk5yTdmSt
=3pi3
-----END PGP SIGNATURE-----
----- End forwarded message -----
