git.99rst.org Git - openwrt-packages.git/commit

author	Hirokazu MORIKAWA <redacted>
	Thu, 10 Aug 2023 05:21:46 +0000 (14:21 +0900)
committer	Hannu Nyman <redacted>
	Thu, 10 Aug 2023 17:02:25 +0000 (20:02 +0300)
commit	23f3eb847d152c751005276a0b2388820c806048
tree	ac725b6fc299ca8a61cc099a892c6f927e139c03	tree \| snapshot
parent	13647da79da98121ed751973125f30f7d18ec85e	commit \| diff

node: August 2023 Security Releases

Update to v18.17.1
This is a security release.

Notable Changes
The following CVEs are fixed in this release:
* CVE-2023-32002: Policies can be bypassed via Module._load (High)
* CVE-2023-32006: Policies can be bypassed by module.constructor.createRequire (Medium)
* CVE-2023-32559: Policies can be bypassed via process.binding (Medium)
* OpenSSL Security Releases  (Depends on shared library provided by OpenWrt)
    * OpenSSL security advisory 14th July.
    * OpenSSL security advisory 19th July.
    * OpenSSL security advisory 31st July

Signed-off-by: Hirokazu MORIKAWA <redacted>