-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Node v20.15.1 nsolid v5.3.1 release #153
Node v20.15.1 nsolid v5.3.1 release #153
Commits on Jun 20, 2024
-
Configuration menu - View commit details
-
Copy full SHA for d162dca - Browse repository at this point
Copy the full SHA d162dcaView commit details
Commits on Jul 3, 2024
-
lib,permission: disable fchmod/fchown when pm enabled
PR-URL: nodejs-private/node-private#584 Refs: https://hackerone.com/reports/2472071 CVE-ID: CVE-2024-36137
Configuration menu - View commit details
-
Copy full SHA for d38ea17 - Browse repository at this point
Copy the full SHA d38ea17View commit details -
lib,permission: support fs.lstat
PR-URL: nodejs-private/node-private#486 Backport-PR-URL: nodejs-private/node-private#604 CVE-ID: CVE-2024-22018
Configuration menu - View commit details
-
Copy full SHA for 025cbd6 - Browse repository at this point
Copy the full SHA 025cbd6View commit details -
src,permission: resolve path on fs_permission
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com> PR-URL: nodejs/node#52761 Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 484cb0f - Browse repository at this point
Copy the full SHA 484cb0fView commit details -
src: handle permissive extension on cmd check
PR-URL: nodejs-private/node-private#596 Backport-PR-URL: nodejs-private/node-private#605 CVE-ID: CVE-2024-36138
Configuration menu - View commit details
-
Copy full SHA for 1ba624c - Browse repository at this point
Copy the full SHA 1ba624cView commit details -
lib,esm: handle bypass network-import via data:
PR-URL: nodejs-private/node-private#522 CVE-ID: CVE-2024-22020
Configuration menu - View commit details
-
Copy full SHA for 60e184a - Browse repository at this point
Copy the full SHA 60e184aView commit details -
src,permission: fix UNC path resolution
PR-URL: nodejs-private/node-private#581 CVE-ID: CVE-2024-37372
Configuration menu - View commit details
-
Copy full SHA for 2524d00 - Browse repository at this point
Copy the full SHA 2524d00View commit details -
2024-07-08, Version 20.15.1 'Iron' (LTS)
This is a security release. Notable changes: * CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High) * CVE-2024-22020 - Bypass network import restriction via data URL (Medium) * CVE-2024-22018 - fs.lstat bypasses permission model (Low) * CVE-2024-36137 - fs.fchown/fchmod bypasses permission model (Low) * CVE-2024-37372 - Permission model improperly processes UNC paths (Low) PR-URL: nodejs-private/node-private#608
Configuration menu - View commit details
-
Copy full SHA for a407d1f - Browse repository at this point
Copy the full SHA a407d1fView commit details
Commits on Jul 8, 2024
-
Merge tag 'v20.15.1' into node-v20.15.1-nsolid-v5.3.1-release
2024-07-08 Node.js v20.15.1 'Iron' (LTS) Release Git-EVTag-v0-SHA512: a9761cc35145f50e8e3606a285e2843b47e6b430b650c7449fcf4e246b064ff29e74b301dd9b92c0bdd022a8c8aec4a46cb43473864f0d4591f9f4052e1130bf
Configuration menu - View commit details
-
Copy full SHA for 9d83482 - Browse repository at this point
Copy the full SHA 9d83482View commit details -
2024-07-08, Version 20.15.1-nsolid-v5.3.1 'Iron'
PR-URL: #153 Reviewed-by: Juan José Arboleda <soyjuanarbol@gmail.com> Reviewed-by: RafaelGSS <rafael.nunu@hotmail.com>
Configuration menu - View commit details
-
Copy full SHA for b165ab2 - Browse repository at this point
Copy the full SHA b165ab2View commit details