UNCLASSIFIED - NO CUI

Skip to content

Update node Docker tag to v18.19.1

Ghost User requested to merge renovate/node-18.19.x into development

This MR contains the following updates:

Package Type Update Change
node patch 18.19.0-slim -> 18.19.1-slim
node ironbank-docker patch 18.19.0-alpine3.18 -> 18.19.1-alpine3.18
node stage patch 18.19.0-alpine3.18 -> 18.19.1-alpine3.18

Warning

Some dependencies could not be looked up. Check the warning logs for more information.


Release Notes

nodejs/node (node)

v18.19.1: 2024-02-14, Version 18.19.1 'Hydrogen' (LTS), @​RafaelGSS prepared by @​marco-ippolito

Compare Source

Notable changes

This is a security release.

Notable changes
  • CVE-2024-21892 - Code injection and privilege escalation through Linux capabilities- (High)
  • CVE-2024-22019 - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High)
  • CVE-2023-46809 - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium)
  • CVE-2024-22025 - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium)
  • undici version 5.28.3
  • npm version 10.2.4
Commits

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about these updates again.


  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Merge request reports