[ubuntu/jammy-updates] nodejs 12.22.9~dfsg-1ubuntu3.6 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Tue Jun 11 09:58:33 UTC 2024
nodejs (12.22.9~dfsg-1ubuntu3.6) jammy-security; urgency=medium
* SECURITY UPDATE: Bypass the Policy Mechanism
- debian/patches/CVE-2023-32002.patch: fixed a policy mechanism bypass in
`Module._load` (CVE-2023-32002) and one in `constructor.createRequire`
(CVE-2023-32006)
- debian/patches/CVE-2023-32559.patch: fixed a privilege escalation in
process.binding
- CVE-2023-32002
- CVE-2023-32006
- CVE-2023-32559
Date: 2024-06-07 17:09:10.037423+00:00
Changed-By: Amir Naseredini <amir.naseredini at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/nodejs/12.22.9~dfsg-1ubuntu3.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list