-
Mon Aug 05 2024 Honza Horak <hhorak@redhat.com> - 1:20.16.0-1
- Update to 20.16.0
Fixes: CVE-2024-36137 CVE-2024-22018 CVE-2024-22020
-
Tue Apr 16 2024 Jan Staněk <jstanek@redhat.com> - 1:20.12.2-2
- Backport nghttp2 patch for CVE-2024-28182
-
Tue Apr 16 2024 Jan Staněk <jstanek@redhat.com> - 1:20.12.2-1
- Rebase to version 20.12.0
Addresses CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 (node)
Addresses CVE-2024-25629 (c-ares)
-
Wed Feb 21 2024 Lukas Javorsky <ljavorsk@redhat.com> - 1:20.11.1-1
- Rebase to version 20.11.1
- Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 (high)
- Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 (medium)
-
Fri Jan 19 2024 Lukas Javorsky <ljavorsk@redhat.com> - 1:20.11.0-1
- Rebase to version 20.11.0
- Resolves: RHEL-21434
-
Thu Nov 09 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:20.9.0-1
- Rebase to LTS
- Resolves: RHEL-16159
-
Wed Oct 18 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:20.8.1-1
- Update node and nghttp
- Add fips patch
- Fixes CVE-2023-44487 (nghttp)
- Fixes CVE-2023-45143, CVE-2023-39331, CVE-2023-39332, CVE-2023-38552, CVE-2023-39333
-
Thu Aug 10 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:20.5.1-1
- Rebase to new security release
- Address CVE-2023-32002, CVE-2023-32004, CVE-2023-32558 (high)
- Address CVE-2023-32006, CVE-2023-32559 (medium)
- Address CVE-2023-32005, CVE-2023-32003 (low)
- Resolves: #2186718
- Resolves RHELPLAN-155624
-
Thu Jul 27 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:20.5.0-1
- Update to v20.5.0
- Remove dtrace support
- bcond corepack, so we don't provide it by default
- Decrease debuginfo verbosity for all arches
- Resolves: #2186718
- Resolves RHELPLAN-155624
-
Wed Jul 12 2023 Jan Staněk <jstanek@redhat.com> - 1:18.16.1-1
- Rebase to 18.16.1
Resolves: rhbz#2188290 rhbz#2166926
Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590
- Replace /usr/etc/npmrc symlink with builtin configuration
Resolves: rhbz#2222287