🔼 Updates node Docker tag to v12.22.1
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
node | final | patch |
12.22.0-alpine -> 12.22.1-alpine
|
Release Notes
nodejs/node
v12.22.1
This is a security release.
Notable Changes
Vulnerabilities fixed:
-
CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High)
- This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt
- Impacts:
- All versions of the 15.x, 14.x, 12.x and 10.x releases lines
-
CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (High)
- This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt
- Impacts:
- All versions of the 15.x, 14.x, 12.x and 10.x releases lines
-
CVE-2020-7774: npm upgrade - Update y18n to fix Prototype-Pollution (High)
- This is a vulnerability in the y18n npm module which may be exploited by prototype pollution. You can read more about it in https://github.com/advisories/GHSA-c4w7-xm78-47vh
- Impacts:
- All versions of the 14.x, 12.x and 10.x releases lines
Commits
- [
c947f1a0e1
] - deps: upgrade npm to 6.14.12 (Ruy Adorno) #37918 - [
51a753c06f
] - deps: update archs files for OpenSSL-1.1.1k (Tobias Nießen) #37939 - [
c85a519b48
] - deps: upgrade openssl sources to 1.1.1k (Tobias Nießen) #37939
Renovate configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.