summaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-devtools/nodejs/nodejs_22.22.2.bb
Commit message (Collapse)AuthorAgeFilesLines
* nodejs: mark CVE-2026-21710 patchedGyorgy Sarvari2026-05-081-0/+1
| | | | | | | | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2026-21710 The CVE is fixed in the current recipe version[1], but NVD tracks it without verison info. Mark it as patched in the recipe. [1]: https://github.com/nodejs/node/blob/v22.x/doc/changelogs/CHANGELOG_V22.md Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com> (cherry picked from commit b483760dba76bb66bad820ea0246a38692c28c45) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* nodejs: ignore fixed CVEsGyorgy Sarvari2026-04-241-0/+7
| | | | | | | | | | | | | All these CVEs are fixed in v22.22.2[1], except for CVE-2026-21712, which does not affect v22 series, because it was introduced in a later version[2]. All these CVEs are tracked without version info by NVD at the time of creating this patch. [1]: https://github.com/nodejs/node/blob/v22.x/doc/changelogs/CHANGELOG_V22.md [2]: https://nodejs.org/en/blog/vulnerability/march-2026-security-releases Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
* nodejs: upgrade 22.22.1 -> 22.22.2Jason Schonberg2026-04-241-0/+219
This is the March 2026 security release. 2 high severity issues. 5 medium severity issues. 2 low severity issues. High priority fixes: CVE-2026-21637 CVE-2026-21710 Medium priority fixes: CVE-2026-21711 (affects only nodejs v25) CVE-2026-21712 (affects only nodejs v24 & v25) CVE-2026-21713 CVE-2026-21714 CVE-2026-21717 Low priority fixes: CVE-2026-21715 CVE-2026-21716 https://nodejs.org/en/blog/vulnerability/march-2026-security-releases Changelog: https://github.com/nodejs/node/releases/tag/v22.22.2 Signed-off-by: Jason Schonberg <schonm@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com> (cherry picked from commit d32cd27eaaa13b296c268df234d2fb2cefa62946) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>