Page MenuHomeFreeBSD

www/node16: Update to 16.17.1
ClosedPublic

Authored by otis on Sep 25 2022, 5:57 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Oct 12, 2:24 PM
Unknown Object (File)
Fri, Oct 3, 4:20 PM
Unknown Object (File)
Wed, Oct 1, 11:24 AM
Unknown Object (File)
Tue, Sep 30, 8:11 PM
Unknown Object (File)
Sun, Sep 21, 7:25 AM
Unknown Object (File)
Fri, Sep 19, 11:58 PM
Unknown Object (File)
Sep 5 2025, 10:15 PM
Unknown Object (File)
Sep 5 2025, 9:04 PM

Details

Summary

Changelog: https://github.com/nodejs/node/releases/tag/v16.17.1

The following CVEs are fixed in this release:

CVE-2022-32212: DNS rebinding in --inspect on macOS
CVE-2022-32213: bypass via obs-fold mechanic
CVE-2022-35255: Weak randomness in WebCrypto keygen
CVE-2022-35256: HTTP Request Smuggling - Incorrect Parsing of Header Fields

Diff Detail

Repository
R11 FreeBSD ports repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

otis requested review of this revision.Sep 25 2022, 5:57 AM
otis added a subscriber: bhughes.

Adding relevant reviewers.

@bhughes is not responding in a timely manner and we need to do these updates sooner than after eventual maintainer timeout.

This revision was not accepted when it landed; it landed in state Needs Review.Oct 16 2022, 4:20 PM
This revision was automatically updated to reflect the committed changes.