This is a security release.
Notable Changes
* (CVE-2026-21637) wrap SNICallback invocation in try/catch (Matteo Collina) - High
* (CVE-2026-21710) use null prototype for headersDistinct/trailersDistinct (Matteo Collina) - High
* (CVE-2026-21713) use timing-safe comparison in Web Cryptography HMAC (Filip Skokan) - Medium
* (CVE-2026-21714) handle NGHTTP2_ERR_FLOW_CONTROL error code (RafaelGSS) - Medium
* (CVE-2026-21717) test array index hash collision (Joyee Cheung) - Medium
* (CVE-2026-21715) add permission check to realpath.native (RafaelGSS) - Low
* (CVE-2026-21716) include permission check on lib/fs/promises (RafaelGSS) - Low
Signed-off-by: Hirokazu MORIKAWA <redacted>
include $(TOPDIR)/rules.mk
PKG_NAME:=node
-PKG_VERSION:=22.22.0
+PKG_VERSION:=22.22.2
PKG_RELEASE:=1
NODE_MODULE_VERSION:=127
PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://nodejs.org/dist/v$(PKG_VERSION)
-PKG_HASH:=5a4585d7f26bfb283267194b299243efea5ee6edd2fbf887825469b4ac94aece
+PKG_HASH:=f4b9606f33aef725a77b6292460102b48b80902571a8bb94cd769837ee0577df
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-v$(PKG_VERSION)
-NODEJS_BIN_SUM:=c33c39ed9c80deddde77c960d00119918b9e352426fd604ba41638d6526a4744
+NODEJS_BIN_SUM:=978978a635eef872fa68beae09f0aad0bbbae6757e444da80b570964a97e62a3
HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_NAME)-v$(PKG_VERSION)
PKG_MAINTAINER:=Hirokazu MORIKAWA <morikw2@gmail.com>, Adrian Panella <ianchi74@outlook.com>
git.99rst.org / openwrt-packages.git / commitdiff