mirror of
https://github.com/nodejs/node.git
synced 2024-11-21 10:59:27 +00:00
2024-07-08, Version 18.20.4 'Hydrogen' (LTS)
This is a security release. Notable changes: * CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High) * CVE-2024-22020 - Bypass network import restriction via data URL (Medium) PR-URL: https://github.com/nodejs-private/node-private/pull/609
This commit is contained in:
parent
53483a1344
commit
4324e11935
@ -86,7 +86,8 @@ release.
|
|||||||
<a href="doc/changelogs/CHANGELOG_V20.md#20.0.0">20.0.0</a><br/>
|
<a href="doc/changelogs/CHANGELOG_V20.md#20.0.0">20.0.0</a><br/>
|
||||||
</td>
|
</td>
|
||||||
<td valign="top">
|
<td valign="top">
|
||||||
<b><a href="doc/changelogs/CHANGELOG_V18.md#18.20.3">18.20.3</a></b><br/>
|
<b><a href="doc/changelogs/CHANGELOG_V18.md#18.20.4">18.20.4</a></b><br/>
|
||||||
|
<a href="doc/changelogs/CHANGELOG_V18.md#18.20.3">18.20.3</a><br/>
|
||||||
<a href="doc/changelogs/CHANGELOG_V18.md#18.20.2">18.20.2</a><br/>
|
<a href="doc/changelogs/CHANGELOG_V18.md#18.20.2">18.20.2</a><br/>
|
||||||
<a href="doc/changelogs/CHANGELOG_V18.md#18.20.1">18.20.1</a><br/>
|
<a href="doc/changelogs/CHANGELOG_V18.md#18.20.1">18.20.1</a><br/>
|
||||||
<a href="doc/changelogs/CHANGELOG_V18.md#18.20.0">18.20.0</a><br/>
|
<a href="doc/changelogs/CHANGELOG_V18.md#18.20.0">18.20.0</a><br/>
|
||||||
|
@ -9,6 +9,7 @@
|
|||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>
|
<td>
|
||||||
|
<a href="#18.20.4">18.20.4</a><br/>
|
||||||
<a href="#18.20.3">18.20.3</a><br/>
|
<a href="#18.20.3">18.20.3</a><br/>
|
||||||
<a href="#18.20.2">18.20.2</a><br/>
|
<a href="#18.20.2">18.20.2</a><br/>
|
||||||
<a href="#18.20.1">18.20.1</a><br/>
|
<a href="#18.20.1">18.20.1</a><br/>
|
||||||
@ -72,6 +73,22 @@
|
|||||||
* [io.js](CHANGELOG_IOJS.md)
|
* [io.js](CHANGELOG_IOJS.md)
|
||||||
* [Archive](CHANGELOG_ARCHIVE.md)
|
* [Archive](CHANGELOG_ARCHIVE.md)
|
||||||
|
|
||||||
|
<a id="18.20.4"></a>
|
||||||
|
|
||||||
|
## 2024-07-08, Version 18.20.4 'Hydrogen' (LTS), @RafaelGSS
|
||||||
|
|
||||||
|
This is a security release.
|
||||||
|
|
||||||
|
### Notable Changes
|
||||||
|
|
||||||
|
* CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High)
|
||||||
|
* CVE-2024-22020 - Bypass network import restriction via data URL (Medium)
|
||||||
|
|
||||||
|
### Commits
|
||||||
|
|
||||||
|
* \[[`85abedf1ff`](https://github.com/nodejs/node/commit/85abedf1ff)] - **lib,esm**: handle bypass network-import via data: (RafaelGSS) [nodejs-private/node-private#522](https://github.com/nodejs-private/node-private/pull/522)
|
||||||
|
* \[[`eccd63b865`](https://github.com/nodejs/node/commit/eccd63b865)] - **src**: handle permissive extension on cmd check (RafaelGSS) [nodejs-private/node-private#596](https://github.com/nodejs-private/node-private/pull/596)
|
||||||
|
|
||||||
<a id="18.20.3"></a>
|
<a id="18.20.3"></a>
|
||||||
|
|
||||||
## 2024-05-21, Version 18.20.3 'Hydrogen' (LTS), @richardlau
|
## 2024-05-21, Version 18.20.3 'Hydrogen' (LTS), @richardlau
|
||||||
|
Loading…
Reference in New Issue
Block a user