[ubuntu/mantic-security] nodejs 18.13.0+dfsg1-1ubuntu2.1 (Accepted)
Amir Naseredini
amir.naseredini at canonical.com
Mon Mar 4 11:10:28 UTC 2024
nodejs (18.13.0+dfsg1-1ubuntu2.1) mantic-security; urgency=medium
* SECURITY UPDATE: Privilege Escalation
- debian/patches/CVE-2023-23920.patch: added `ICU_NO_USER_DATA_OVERRIDE` to
fix an issue with insecure loading of ICU data
- CVE-2023-23920
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2023-23919.patch: fixed a cryptographic vulnerability
in nodejs with invalid ca cert
- CVE-2023-23919
Date: 2024-02-28 16:04:10.271895+00:00
Changed-By: Amir Naseredini <amir.naseredini at canonical.com>
https://launchpad.net/ubuntu/+source/nodejs/18.13.0+dfsg1-1ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the mantic-changes
mailing list