[ubuntu/mantic-updates] nodejs 18.13.0+dfsg1-1ubuntu2.3 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Tue Jun 11 09:58:35 UTC 2024
nodejs (18.13.0+dfsg1-1ubuntu2.3) mantic-security; urgency=medium
* SECURITY UPDATE:
- debian/patches/CVE-2023-32002.patch: fixed a policy mechanism bypass in
`Module._load` (CVE-2023-32002) and one in `constructor.createRequire`
(CVE-2023-32006)
- debian/patches/CVE-2023-32559.patch: fixed a privilege escalation in
process.binding
- CVE-2023-32002
- CVE-2023-32006
- CVE-2023-32559
Date: 2024-06-07 15:31:10.787213+00:00
Changed-By: Amir Naseredini <amir.naseredini at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/nodejs/18.13.0+dfsg1-1ubuntu2.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the mantic-changes
mailing list