diff options
author | Richard Lau <rlau@redhat.com> | 2023-02-13 17:01:39 +0000 |
---|---|---|
committer | Richard Lau <rlau@redhat.com> | 2023-02-16 16:11:10 -0500 |
commit | 6aca711858cc8d4b011384977c543d65ed17aeab (patch) | |
tree | 14758bdf866b31cde8bfba6e242ac14213e83ee6 /CHANGELOG.md | |
parent | cbcefdf253c39c940acba17c38ee50f0584725e4 (diff) | |
download | node-new-6aca711858cc8d4b011384977c543d65ed17aeab.tar.gz |
2023-02-16, Version 14.21.3 'Fermium' (LTS)
This is a security release.
Notable changes:
The following CVEs are fixed in this release:
* CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High)
* CVE-2023-23920: Node.js insecure loading of ICU data through ICU_DATA environment variable (Low)
* OpenSSL 1.1.1t
* npm 6.14.18
PR-URL: https://github.com/nodejs-private/node-private/pull/389
Refs: https://nodejs.org/en/blog/vulnerability/february-2023-security-releases
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r-- | CHANGELOG.md | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 794ba07b20..59845c84f1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -99,7 +99,8 @@ release. <a href="doc/changelogs/CHANGELOG_V16.md#16.0.0">16.0.0</a><br/> </td> <td valign="top"> -<b><a href="doc/changelogs/CHANGELOG_V14.md#14.21.2">14.21.2</a></b><br/> +<b><a href="doc/changelogs/CHANGELOG_V14.md#14.21.3">14.21.3</a></b><br/> +<a href="doc/changelogs/CHANGELOG_V14.md#14.21.2">14.21.2</a><br/> <a href="doc/changelogs/CHANGELOG_V14.md#14.21.1">14.21.1</a><br/> <a href="doc/changelogs/CHANGELOG_V14.md#14.21.0">14.21.0</a><br/> <a href="doc/changelogs/CHANGELOG_V14.md#14.20.1">14.20.1</a><br/> |