Update dependency node to v18.12.1
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
node | ironbank-docker | patch |
18.12.0 -> 18.12.1
|
node | patch |
18.12.0 -> 18.12.1
|
|
node | stage | patch |
18.12.0 -> 18.12.1
|
Release Notes
nodejs/node
v18.12.1
This is a security release.
Notable changes
The following CVEs are fixed in this release:
- CVE-2022-3602: X.509 Email Address 4-byte Buffer Overflow (High)
- CVE-2022-3786: X.509 Email Address Variable Length Buffer Overflow (High)
- CVE-2022-43548: DNS rebinding in --inspect via invalid octal IP address (Medium)
More detailed information on each of the vulnerabilities can be found in November 2022 Security Releases blog post.
Commits
- [
39f8a672e3
] - deps: update archs files for quictls/openssl-3.0.7+quic nodejs/node#45286 - [
80218127c8
] - deps: upgrade openssl sources to quictls/openssl-3.0.7+quic nodejs/node#45286 - [
165342beac
] - inspector: harden IP address validation again (Tobias Nießen) nodejs-private/node-private#354
Configuration
-
If you want to rebase/retry this MR, click this checkbox.
This MR has been generated by Renovate Bot.