[Buildroot] [PATCH 1/1] package/nodejs: security bump to version 8.11.3
Peter Korsgaard
peter at korsgaard.com
Sun Jun 17 15:57:01 UTC 2018
>>>>> "Martin" == Martin Bark <martin at barkynet.com> writes:
> Fixes the following security issues:
> - (CVE-2018-7167): Fixes Denial of Service vulnerability where calling
> Buffer.fill() could hang
> - (CVE-2018-7161): Fixes Denial of Service vulnerability by updating the
> http2 implementation to not crash under certain circumstances during
> cleanup
> - (CVE-2018-1000168): Fixes Denial of Service vulnerability by upgrading
> nghttp2 to 1.32.0
> See https://nodejs.org/en/blog/release/v8.11.3/ for more details
> Signed-off-by: Martin Bark <martin at barkynet.com>
Committed to 2018.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list