-
Thu Mar 21 2024 David Sloboda <david.x.sloboda@oracle.com> - 1:16.20.2-4.0.1
- reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks
Resolves: CVE-2024-22019
-
Thu Oct 19 2023 David Sloboda <david.x.sloboda@oracle.com> - 1:16.20.2-3.0.1
- Update nghttp2 to 1.57.0
Resolves: CVE-2023-44487
-
Tue Sep 26 2023 Pooja Senthil Kumar <pooja.senthil.kumar@oracle.com> - 1:16.20.2-2
- Rebase to 16.20.2
Resolves: rhbz#2231866
Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559
-
Thu Jul 13 2023 Jan Staněk <jstanek@redhat.com> - 1:16.20.1-1
- Rebase to 16.20.1
Resolves: rhbz#2188289
Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590
- Replace /usr/etc/npmrc symlink with builtin configuration
Resolves: rhbz#2222288
-
Wed May 31 2023 Jan Staněk <jstanek@redhat.com> - 1:16.19.1-2
- Update bundled c-ares to 1.19.1
Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067
-
Mon Feb 27 2023 Jan Staněk <jstanek@redhat.com> - 1:16.19.1-1
- Rebase to 16.19.1
Resolves: rhbz#2153713
Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920
Resolves: CVE-2022-25881 CVE-2022-4904
-
Wed Dec 07 2022 Jan Staněk <jstanek@redhat.com> - 1:16.18.1-3
- Update sources of undici WASM blobs
Resolves: rhbz#2151546
-
Fri Dec 02 2022 Jan Staněk <jstanek@redhat.com> - 1:16.18.1-2
- Record CVE references already addressed in this or previous upstream versions
Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824
-
Wed Nov 16 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.18.1-1
- Rebase + CVE fixes
- Resolves: #2121024
- Resolves: #2135490, #2140926
-
Fri Oct 07 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.17.1-1
- Rebase to version 16.17.1
- Resolves: CVE-2022-35255 CVE-2022-35256