Update Node.js to v18.12.1 #547

renovate · 2022-11-08T01:51:56Z

This PR contains the following updates:

Package	Update	Change
node	patch	`18.12.0` -> `18.12.1`

nodejs/node

This is a security release.

The following CVEs are fixed in this release:

CVE-2022-3602: X.509 Email Address 4-byte Buffer Overflow (High)
CVE-2022-3786: X.509 Email Address Variable Length Buffer Overflow (High)
CVE-2022-43548: DNS rebinding in --inspect via invalid octal IP address (Medium)

More detailed information on each of the vulnerabilities can be found in November 2022 Security Releases blog post.

[39f8a672e3] - deps: update archs files for quictls/openssl-3.0.7+quic nodejs/node#45286
[80218127c8] - deps: upgrade openssl sources to quictls/openssl-3.0.7+quic nodejs/node#45286
[165342beac] - inspector: harden IP address validation again (Tobias Nießen) nodejs-private/node-private#354

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

Update Node.js to v18.12.1

efb61ca

renovate bot added the dependencies label Nov 8, 2022

renovate bot merged commit c3501db into master Nov 8, 2022

renovate bot deleted the renovate/node-18.x branch November 8, 2022 01:51

Provide feedback