[ubuntu/hirsute-proposed] nodejs 12.20.1~dfsg-1ubuntu1 (Accepted)

Gianfranco Costamagna locutusofborg at debian.org
Sun Jan 10 16:54:21 UTC 2021 

nodejs (12.20.1~dfsg-1ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing

nodejs (12.20.1~dfsg-1) unstable; urgency=medium

  * New upstream version 12.20.1~dfsg. Closes: #979364.
    Fixed vulnerabilities:
    + CVE-2020-8265: use-after-free in TLSWrap (High)
    + CVE-2020-8287: HTTP Request Smuggling (Low)
  * Patch to always use pure javascript cjs lexer instead
    of wasm files that can't be generated with currently
    available packages.
  * copyright: cjs-module-lexer is expat
  * copyright: exclude cjs-module-lexer unbuildable files
  * copyright: fix some copyright years
  * lintian-overrides: false positive for a unicode regexp
  * copyright: shjs is no longer used

Date: Sun, 10 Jan 2021 17:52:34 +0100
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel at alioth-lists.debian.net>
https://launchpad.net/ubuntu/+source/nodejs/12.20.1~dfsg-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 10 Jan 2021 17:52:34 +0100
Source: nodejs
Architecture: source
Version: 12.20.1~dfsg-1ubuntu1
Distribution: hirsute
Urgency: medium
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel at alioth-lists.debian.net>
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Closes: 979364
Changes:
 nodejs (12.20.1~dfsg-1ubuntu1) hirsute; urgency=low
 .
   * Merge from Debian unstable. Remaining changes:
     - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
       openssl.cnf used for testing
 .
 nodejs (12.20.1~dfsg-1) unstable; urgency=medium
 .
   * New upstream version 12.20.1~dfsg. Closes: #979364.
     Fixed vulnerabilities:
     + CVE-2020-8265: use-after-free in TLSWrap (High)
     + CVE-2020-8287: HTTP Request Smuggling (Low)
   * Patch to always use pure javascript cjs lexer instead
     of wasm files that can't be generated with currently
     available packages.
   * copyright: cjs-module-lexer is expat
   * copyright: exclude cjs-module-lexer unbuildable files
   * copyright: fix some copyright years
   * lintian-overrides: false positive for a unicode regexp
   * copyright: shjs is no longer used
Checksums-Sha1:
 7f8af2b885505c0ad85fb64f7536d1107586084e 3453 nodejs_12.20.1~dfsg-1ubuntu1.dsc
 3d9244fa2ed24aafa75924c7998c0f00ce478f7a 85444 nodejs_12.20.1~dfsg.orig-types-node.tar.xz
 593071b6c5765dc98b7dc7cb76026feb21ede4a0 18558244 nodejs_12.20.1~dfsg.orig.tar.xz
 08b7ab90f6a83be1b67a9ab43e302292533990af 135376 nodejs_12.20.1~dfsg-1ubuntu1.debian.tar.xz
 ac8e0306c6e8ef3da4ab3fddb6db837fb9b69a85 15240 nodejs_12.20.1~dfsg-1ubuntu1_source.buildinfo
Checksums-Sha256:
 37015bd98ee5c6ef2cef22ebcdaaf2dc060d2a5f86690af070a5344c63db972a 3453 nodejs_12.20.1~dfsg-1ubuntu1.dsc
 ad7f1131cb433ff0c472c4c4aef5b60690430d7e230b857666ba08d7537e6f70 85444 nodejs_12.20.1~dfsg.orig-types-node.tar.xz
 8be643fbbf0720839dd653a638a5c55263a0636450bf00c62470eb5e80af1325 18558244 nodejs_12.20.1~dfsg.orig.tar.xz
 ea4791fe71bb9921db0d8ac30b427da74d7a1d520d7e7079cae3bb91aba19d8d 135376 nodejs_12.20.1~dfsg-1ubuntu1.debian.tar.xz
 8f981525964d960ff3a1993953587692f7a3718e6538374ff94441274455685d 15240 nodejs_12.20.1~dfsg-1ubuntu1_source.buildinfo
Files:
 e276441aee44ed6f2cf25c7970c72b8d 3453 javascript optional nodejs_12.20.1~dfsg-1ubuntu1.dsc
 307d240b33772672fc28f0407be6ce71 85444 javascript optional nodejs_12.20.1~dfsg.orig-types-node.tar.xz
 31588fac609b2171c1c63f7c90f56eba 18558244 javascript optional nodejs_12.20.1~dfsg.orig.tar.xz
 230ac31f76536d4b48c4e0a510d5f0c8 135376 javascript optional nodejs_12.20.1~dfsg-1ubuntu1.debian.tar.xz
 865df6a836dbf7d53f004f477b539646 15240 javascript optional nodejs_12.20.1~dfsg-1ubuntu1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEkpeKbhleSSGCX3/w808JdE6fXdkFAl/7MO8ACgkQ808JdE6f
XdknQBAAtgIPGFMuASdyxMxhEQ7h5XrYCTzYEhMUAVeCBT87+n9AcRB5a6NXN8El
YmBt0SOofodwsReTerIk/4c8aVHmLHfxLboaw1KmJ6FfZfVoE6fl4J+i3uVxlnzf
b+opnl09CDKtk1+dLGjIZouy2Wn/2o48eOF73UgfxaQpmwzdk6Aw8QOi/wymZX5o
HipjKoamFA5FbGalMm0HzQ7XZmrJnY9i6GZLXUZN9Wr1XqDr7VnOafVcA2pgPIOm
GjZj4Hkp2QVS7O2q90cUTNWzL1Vj6jAqklNxO06NMS0gPFd/pgJQF0HHbgrVed3a
fyFUG888pozr7cjIMjBoRfnWfyLLV7+f3YGyQgcAWCIJgqUubV1DmNZ0p4QBjDhc
/V9aGRKDfB8qie/CnGmyb6KZZAP2OcDLcZxfrDfDcBXK8jUGFZFVDOudPgYhrkcv
YDy7VJnOWcp6+kN6MabY2GuRwhY57mA6xUcuzvjzaAZD/mGKrgBc+G6IYgeA1ep0
nL/Xld55kUqeUp/xSCVsOW40jzYJcCyOxJm+uwY/WIeMXCxyo8tVXzBxrqSkWLT7
ZvuU9QQ6drv0yxXl1OHEdln2zYb/ISx9JIi8kmmHZEBeqfrerbDW9EkIYxW+mc4C
UBQ4ScQCzlT18UngqmBXGp9ePsQ35+OLWmnQI4I/jKfghpPx0gY=
=o+93
-----END PGP SIGNATURE-----

More information about the Hirsute-changes mailing list