www/node16: Update to 16.17.1
ClosedPublic
Actions

Authored by otis on Sep 25 2022, 5:57 AM.

Details

Reviewers

bhughes
lattera-gmail.com

Group Reviewers

portmgr
ports secteam

Commits

R11:2bedef22cc3e: www/node16: Security update to 16.17.1

Summary

Changelog: https://github.com/nodejs/node/releases/tag/v16.17.1

The following CVEs are fixed in this release:

CVE-2022-32212: DNS rebinding in --inspect on macOS
CVE-2022-32213: bypass via obs-fold mechanic
CVE-2022-35255: Weak randomness in WebCrypto keygen
CVE-2022-35256: HTTP Request Smuggling - Incorrect Parsing of Header Fields

Diff Detail

Repository

rP FreeBSD ports repository

Lint

No Lint Coverage

Unit

No Test Coverage

Build Status

Buildable 47519
Build 44406: arc lint + arc unit

Event Timeline

otis created this revision.Sep 25 2022, 5:57 AM

Herald added subscribers: Contributor Reviewers (ports), mat. · View Herald TranscriptSep 25 2022, 5:57 AM

otis requested review of this revision.Sep 25 2022, 5:57 AM

Harbormaster completed remote builds in B47519: Diff 110935.Sep 25 2022, 5:57 AM

Adding relevant reviewers.

@bhughes is not responding in a timely manner and we need to do these updates sooner than after eventual maintainer timeout.

dereks_lifeofadishwasher.com added a subscriber: dereks_lifeofadishwasher.com.Sep 27 2022, 11:43 PM

This revision was not accepted when it landed; it landed in state Needs Review.Oct 16 2022, 4:20 PM

Closed by commit R11:2bedef22cc3e: www/node16: Security update to 16.17.1 (authored by otis, committed by mfechner). · Explain Why

This revision was automatically updated to reflect the committed changes.

mfechner added a commit: R11:2bedef22cc3e: www/node16: Security update to 16.17.1.

Revision Contents
Changeset List

Path

Size

www/

node16/

Makefile

4 lines

distinfo

6 lines

Diff 110935

View Options

www/node16/Makefile