Ubuntu
nodejs package

Change log for nodejs package in Ubuntu

150 of 161 results FirstPreviousLast
Published in focal-updates
Published in focal-security 
nodejs (10.19.0~dfsg-3ubuntu1.2) focal-security; urgency=medium

  * SECURITY UPDATE: Denial of Service
    - debian/patches/CVE-2021-22883.patch: fixed a memory exhaustion in http2
      module
    - CVE-2021-22883
  * SECURITY UPDATE: Remote Code Execution
    - debian/patches/CVE-2021-22884.patch: fixed a DNS rebinding in nodejs
    - CVE-2021-22884

 -- Amir Naseredini <email address hidden>  Fri, 29 Sep 2023 13:26:08 +0100
Superseded in focal-updates
Superseded in focal-security 
nodejs (10.19.0~dfsg-3ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: Denial of Service
    - debian/patches/CVE-2020-8174.patch: fixed a buffer overflows in nodejs
    - debian/patches/CVE-2020-8265.patch: fixed a use-after-free in TLSWrap
    - debian/patches/CVE-2020-8287.patch: fixed an HTTP Request Smuggling
      issue in Transfer-Encoding
    - CVE-2020-8174
    - CVE-2020-8265
    - CVE-2020-8287
  * debian/patches/test_update_test-tls-passphrase.patch: fixed the error with
    tls-passphrase test

 -- Amir Naseredini <email address hidden>  Thu, 07 Sep 2023 12:20:44 +0100
Published in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
nodejs (18.13.0+dfsg1-1ubuntu2) lunar; urgency=medium

  * Rebuild against latest icu

 -- Jeremy Bicha <email address hidden>  Sun, 26 Feb 2023 13:51:50 -0500
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
nodejs (18.13.0+dfsg1-1ubuntu1) lunar; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Use gold linker on arm64 to fix a link failure
    - Still use Ubuntu openssl patch and approach, the Debian one
      makes testsuite fail.
    - Fix offset by one in one new test
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
nodejs (18.13.0+dfsg-1ubuntu3) lunar; urgency=medium

  [ Bo YU ]
  * Fix ftbfs on riscv64. (Closes: #1028404)

  [ Gianfranco Costamagna ]
  * Cherry-pick patch from Bug to Ubuntu

 -- Gianfranco Costamagna <email address hidden>  Wed, 11 Jan 2023 08:34:37 +0100
Superseded in lunar-proposed 
nodejs (18.13.0+dfsg-1ubuntu2) lunar; urgency=medium

  * Fix offset by one in one new test

 -- Gianfranco Costamagna <email address hidden>  Mon, 09 Jan 2023 15:39:45 +0100
Superseded in lunar-proposed 
nodejs (18.13.0+dfsg-1ubuntu1) lunar; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Use gold linker on arm64 to fix a link failure
    - Still use Ubuntu openssl patch and approach, the Debian one
      makes testsuite fail.
Superseded in lunar-proposed 
nodejs (18.12.1+dfsg-2ubuntu1) lunar; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - Use gold linker on arm64 to fix a link failure
    - Still use Ubuntu openssl patch and approach, the Debian one
      makes testsuite fail.

 -- Gianfranco Costamagna <email address hidden>  Thu, 17 Nov 2022 12:27:34 +0100
Superseded in lunar-proposed 
nodejs (18.12.1+dfsg-1ubuntu2) lunar; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - Use gold linker on arm64 to fix a link failure
    - Still use Ubuntu openssl patch and approach, the Debian one
      makes testsuite fail.

 -- Gianfranco Costamagna <email address hidden>  Mon, 07 Nov 2022 08:27:37 +0100
Superseded in lunar-proposed 
nodejs (18.12.1+dfsg-1ubuntu1) lunar; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
Superseded in lunar-proposed 
nodejs (18.12.1+dfsg-1) unstable; urgency=medium

  * New upstream version 18.12.1+dfsg
  * Fixes CVE-2022-43548: DNS rebinding in --inspect via invalid
    octal IP address (Medium).
    Closes: #1023518.
  * Build using gcc-11, g++-11, fixes mips64el and riscv64 builds,
    https://github.com/nodejs/node/issues/44126
  * Patch: fix link to home in html doc. Closes: #1018153

 -- Jérémy Lal <email address hidden>  Sun, 06 Nov 2022 00:14:11 +0100
Superseded in lunar-proposed 
nodejs (18.12.0+dfsg-1ubuntu1) lunar; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
Superseded in lunar-release
Published in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
nodejs (18.7.0+dfsg-5ubuntu1) kinetic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
nodejs (18.7.0+dfsg-4ubuntu1) kinetic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
nodejs (18.7.0+dfsg-1ubuntu2) kinetic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing

 -- Gianfranco Costamagna <email address hidden>  Wed, 24 Aug 2022 19:52:36 +0200
Superseded in kinetic-proposed 
nodejs (18.7.0+dfsg-1ubuntu1) kinetic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing

 -- Gianfranco Costamagna <email address hidden>  Wed, 24 Aug 2022 19:52:36 +0200
Superseded in kinetic-proposed 
nodejs (18.7.0+dfsg-1) unstable; urgency=medium

  * New upstream version 18.7.0+dfsg
  * Update flaky riscv64: sequential/test-cpu-prof-drained.
    Closes: #1016707.
  * copyright: deps/base64 BSD-2-clause

 -- Jérémy Lal <email address hidden>  Fri, 12 Aug 2022 17:21:50 +0200
Superseded in kinetic-proposed 
nodejs (18.6.0+dfsg-3ubuntu1) kinetic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
  * Drop delta now part of upstream codebase
    - d/p/v16.x-backport-src-add-openssl-legacy-provider-optio.patch:
      Add support for --openssl-legacy-provider option.
  * Attempt to drop delta causing build fixes on arm64
    - Use gold linker on arm64
Superseded in kinetic-proposed 
nodejs (18.6.0+dfsg-3) unstable; urgency=medium

  * Patch: add sequential/test-worker-prof to failing riscv64 tests

 -- Jérémy Lal <email address hidden>  Mon, 18 Jul 2022 23:22:08 +0200
Superseded in kinetic-proposed 
nodejs (16.15.1+dfsg-1ubuntu1) kinetic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - d/p/v16.x-backport-src-add-openssl-legacy-provider-optio.patch:
      Add support for --openssl-legacy-provider option.
    - Use gold linker on arm64
Superseded in kinetic-proposed 
nodejs (16.15.1+dfsg-1) unstable; urgency=medium

  * New upstream version 16.15.1+dfsg
  * Fix completion generation, support "nodejs" cli
    Closes: #977792
  * Patch to fix mipsel crypto init error strings (Closes: #1011101)
  * Patch: more flaky riscv64 cpu tests (Closes: #1012670)

 -- Jérémy Lal <email address hidden>  Mon, 13 Jun 2022 09:11:34 +0200
Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
nodejs (16.14.2+dfsg1-1ubuntu3) kinetic; urgency=medium

  * d/p/v16.x-backport-src-add-openssl-legacy-provider-optio.patch:
    Add support for --openssl-legacy-provider option. (LP: #1974226)

 -- Sergio Durigan Junior <email address hidden>  Thu, 19 May 2022 14:48:24 -0400
Superseded in kinetic-proposed 
nodejs (16.14.2+dfsg1-1ubuntu2) kinetic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
    - Try gold linker on arm64

 -- Gianfranco Costamagna <email address hidden>  Tue, 17 May 2022 08:09:26 +0200
Superseded in kinetic-proposed 
nodejs (16.14.2+dfsg1-1ubuntu1) kinetic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
    - lower debug symbols and parallelism on arm64

 -- Gianfranco Costamagna <email address hidden>  Tue, 17 May 2022 08:09:26 +0200
Superseded in kinetic-proposed 
nodejs (16.14.2+dfsg-5ubuntu3) kinetic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - Ubuntu is switching to openssl v3, however nodejs v12 must remain on
      openssl v1.1.1 abi. Thus switch from using shared system openssl to
      the vendored one.
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
    - lower debug symbols and parallelism on arm64
    - disable openssl asm on riscv64

 -- Gianfranco Costamagna <email address hidden>  Sat, 07 May 2022 08:16:43 +0200
Superseded in kinetic-proposed 
nodejs (16.14.2+dfsg-5ubuntu1) kinetic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - Ubuntu is switching to openssl v3, however nodejs v12 must remain on
      openssl v1.1.1 abi. Thus switch from using shared system openssl to
      the vendored one.
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing

 -- Gianfranco Costamagna <email address hidden>  Tue, 03 May 2022 09:18:21 +0200
Superseded in kinetic-proposed 
nodejs (16.13.2+really14.19.1~dfsg-6ubuntu1) kinetic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Ubuntu is switching to openssl v3, however nodejs v12 must remain on
      openssl v1.1.1 abi. Thus switch from using shared system openssl to
      the vendored one.
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
    - Cherry-pick upstream 7232c2a1604d241ce0455d919ba9b0b8e9959f81
      to fix a build failure with new glibc
Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
nodejs (12.22.9~dfsg-1ubuntu3) jammy; urgency=medium

  * No-change rebuild for icu soname change.

 -- Matthias Klose <email address hidden>  Wed, 09 Feb 2022 05:41:38 +0100
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
nodejs (12.22.9~dfsg-1ubuntu2) jammy; urgency=medium

  * Cherry-pick Python 3.10 upstream fixes:
    - debian/patches/24c403cfaf8bdbcd8b19037531c8998709d2b949.patch:
    - debian/patches/e548e053a2fda35f38272fb023f543e52ae77566.patch:

 -- Gianfranco Costamagna <email address hidden>  Mon, 31 Jan 2022 23:17:20 +0100
Superseded in jammy-proposed 
nodejs (12.22.9~dfsg-1ubuntu1) jammy; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Ubuntu is switching to openssl v3, however nodejs v12 must remain on
      openssl v1.1.1 abi. Thus switch from using shared system openssl to
      the vendored one.
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
    - Cherry-pick upstream 7232c2a1604d241ce0455d919ba9b0b8e9959f81
      to fix a build failure with new glibc
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
nodejs (12.22.7~dfsg-2ubuntu3) jammy; urgency=medium

  * d/p/make-docs.patch: updated to take into account the API break in js-yaml

 -- Simon Chopin <email address hidden>  Fri, 03 Dec 2021 18:16:44 +0100
Superseded in jammy-proposed 
nodejs (12.22.7~dfsg-2ubuntu2) jammy; urgency=medium

  * Ubuntu is switching to openssl v3, however nodejs v12 must remain on
    openssl v1.1.1 abi. Thus switch from using shared system openssl to
    the vendored one.

 -- Dimitri John Ledkov <email address hidden>  Thu, 02 Dec 2021 19:33:41 +0000
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
nodejs (12.22.7~dfsg-2ubuntu1) jammy; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
    - Cherry-pick upstream 7232c2a1604d241ce0455d919ba9b0b8e9959f81
      to fix a build failure with new glibc
Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
nodejs (12.22.5~dfsg-5ubuntu1) impish; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
    - Cherry-pick upstream 7232c2a1604d241ce0455d919ba9b0b8e9959f81
      to fix a build failure with new glibc
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
nodejs (12.22.5~dfsg-2ubuntu2) impish; urgency=medium

  * Cherry-pick upstream 7232c2a1604d241ce0455d919ba9b0b8e9959f81
    to fix a build failure with new glibc

 -- Gianfranco Costamagna <email address hidden>  Wed, 18 Aug 2021 09:51:31 +0200
Superseded in impish-proposed 
nodejs (12.22.5~dfsg-2ubuntu1) impish; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
nodejs (12.22.4~dfsg-1ubuntu1) impish; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
nodejs (12.21.0~dfsg-5ubuntu1) impish; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
nodejs (12.21.0~dfsg-4ubuntu1) impish; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: Moved to hirsute) 
nodejs (12.21.0~dfsg-3ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
nodejs (12.21.0~dfsg-1ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing

 -- Gianfranco Costamagna <email address hidden>  Thu, 25 Feb 2021 21:22:47 +0100
Superseded in hirsute-proposed 
nodejs (12.21.0~dfsg-1) unstable; urgency=high

  * New upstream version 12.21.0~dfsg
    Fixed vulnerabilities:
    + CVE-2021-22883: HTTP2 'unknownProtocol' cause DoS
      by resource exhaustion
    + CVE-2021-22884: localhost6 DNS rebinding in --inspect

 -- Jérémy Lal <email address hidden>  Tue, 23 Feb 2021 19:14:23 +0100
Superseded in hirsute-proposed 
nodejs (12.20.2~dfsg-2ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing

 -- Gianfranco Costamagna <email address hidden>  Sun, 14 Feb 2021 23:54:18 +0100
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
nodejs (12.20.1~dfsg-3ubuntu1) hirsute; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing

 -- Gianfranco Costamagna <email address hidden>  Mon, 11 Jan 2021 15:21:40 +0100
Superseded in hirsute-proposed 
nodejs (12.20.1~dfsg-1ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
nodejs (12.19.0~dfsg-1ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
Superseded in hirsute-release
Obsolete in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
nodejs (12.18.2~dfsg-1ubuntu2) groovy; urgency=medium

  * debian/patches/3f071e3.patch:
  * debian/patches/1a9c676a141b32483b48884f8cc0330e64c8e17f.patch:
    - cherry-pick two upstream changes in v8 to fix a testsuite failure on
      ppc64el for some sha1 calculation errors (LP: #1887144)

 -- Gianfranco Costamagna <email address hidden>  Wed, 19 Aug 2020 20:47:23 +0200
Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
nodejs (10.19.0~dfsg-3ubuntu2) groovy; urgency=medium

  * No-change rebuild against libicu67

 -- Steve Langasek <email address hidden>  Wed, 12 Aug 2020 16:50:34 -0700
Superseded in groovy-proposed
Deleted in groovy-proposed (Reason: Temporary removal to allow icu transition to complete) 
nodejs (12.18.2~dfsg-1ubuntu1) groovy; urgency=medium

  * Merge from Debian (LP: #1882185). Remaining changes:
    - debian/control:
      + change python build dependency to python2
    - debian/tests/control: change python test dependency to python2
    - debian/patches/python2.patch: explicitly invoke python2 in tests
    - debian/patches/test-lowerseclevel.patch: lower SECLEVEL in the
      openssl.cnf used for testing
Superseded in groovy-proposed 
nodejs (12.18.1~dfsg-1ubuntu2) groovy; urgency=medium

  * No change rebuild against new icu ABI.

 -- Dimitri John Ledkov <email address hidden>  Mon, 27 Jul 2020 16:44:23 +0100
150 of 161 results FirstPreviousLast