deps: update OpenSSL to 3.0.13+quic1 #51614
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nodejs-github-bot
added
the
dependencies
|
Review requested:
|
nodejs-github-bot
added
needs-ci
richardlau
added
request-ci
github-actions
bot
removed
the
request-ci
richardlau
approved these changes
Jan 31, 2024
marco-ippolito
approved these changes
Jan 31, 2024
RafaelGSS
approved these changes
Jan 31, 2024
lpinca
approved these changes
Jan 31, 2024
aduh95
added
the
commit-queue
nodejs-github-bot
removed
the
commit-queue
|
Landed in 68885d5...f09e9ad |
nodejs-github-bot
added a commit
that referenced
this pull request
Feb 2, 2024
PR-URL: #51614 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
nodejs-github-bot
added a commit
that referenced
this pull request
Feb 2, 2024
PR-URL: #51614 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
rdw-msft
pushed a commit
to rdw-msft/node
that referenced
this pull request
Feb 9, 2024
PR-URL: nodejs#51614 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
rdw-msft
pushed a commit
to rdw-msft/node
that referenced
this pull request
Feb 9, 2024
PR-URL: nodejs#51614 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
RafaelGSS
pushed a commit
that referenced
this pull request
Feb 14, 2024
This is a security release. Notable changes: crypto: * update root certificates to NSS 3.95 (Node.js GitHub Bot) #50805 * disable PKCS#1 padding for privateDecrypt (Michael Dawson) nodejs-private/node-private#525 deps: * upgrade npm to 10.2.4 (npm team) #50751 * update archs files for openssl-3.0.13+quic1 (Node.js GitHub Bot) #51614 * upgrade openssl sources to quictls/openssl-3.0.13+quic1 (Node.js GitHub Bot) ://github.com//pull/51614 * fix GHSA-f74f-cvh7-c6q6/CVE-2024-24806 (Santiago Gimeno) #51614 http: * add maximum chunk extension size (Paolo Insogna) nodejs-private/node-private#520 lib: * update undici to v5.28.3 (Matteo Collina) nodejs-private/node-private#536 src: * fix HasOnly(capability) in node::credentials (Tobias Nießen) nodejs-private/node-private#505 test: * skip test-child-process-stdio-reuse-readable-stdio on Windows (Joyee Cheung) #49621 tools: * add macOS notarization verification step (Ulises Gascón) #50833 * use macOS keychain to notarize the releases (Ulises Gascón) #50715 * remove unused file (Ulises Gascon) #50622 * add macOS notarization stapler (Ulises Gascón) #50625 * improve macOS notarization process output readability (Ulises Gascón) #50389 * remove unused `version` function (Ulises Gascón) #50390 win,tools: * upgrade Windows signing to smctl (Stefan Stojanovic) #50956 zlib: * pause stream if outgoing buffer is full (Matteo Collina) nodejs-private/node-private#542 PR-URL: nodejs-private/node-private#545
RafaelGSS
pushed a commit
that referenced
this pull request
Feb 14, 2024
This is a security release. Notable changes: crypto: * disable PKCS#1 padding for privateDecrypt (Michael Dawson) nodejs-private/node-private#525 deps: * upgrade libuv to 1.48.0 (Santiago Gimeno) #51699 * update archs files for openssl-3.0.13+quic1 (Node.js GitHub Bot) #51614 * upgrade openssl sources to quictls/openssl-3.0.13+quic1 (Node.js GitHub Bot) #51614 * disable io\_uring support in libuv by default (Tobias Nießen) nodejs-private/node-private#529 * fix GHSA-f74f-cvh7-c6q6/CVE-2024-24806 (Santiago Gimeno) #51737 fs: * protect against modified Buffer internals in possiblyTransformPath (Tobias Nießen) nodejs-private/node-private#49 http: * add maximum chunk extension size (Paolo Insogna) nodejs-private/node-private#519 lib: * update undici to v5.28.3 (Matteo Collina) nodejs-private/node-private#539 * use cache fs internals against path traversal (RafaelGSS) nodejs-private/node-private#516 src: * fix HasOnly(capability) in node::credentials (Tobias Nießen) nodejs-private/node-private#505 src,deps: * disable setuid() etc if io\_uring enabled (Tobias Nießen) nodejs-private/node-private#529 test,doc: * clarify wildcard usage (RafaelGSS) nodejs-private/node-private#517 zlib: * pause stream if outgoing buffer is full (Matteo Collina) nodejs-private/node-private#541 PR-URL: nodejs-private/node-private#544
erikolofsson
pushed a commit
to Malterlib/node
that referenced
this pull request
Feb 19, 2024
marco-ippolito
pushed a commit
to marco-ippolito/node
that referenced
this pull request
Feb 19, 2024
PR-URL: nodejs#51614 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
marco-ippolito
pushed a commit
to marco-ippolito/node
that referenced
this pull request
Feb 19, 2024
PR-URL: nodejs#51614 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
rdw-msft
pushed a commit
to rdw-msft/node
that referenced
this pull request
Mar 20, 2024
This is a security release. Notable changes: crypto: * update root certificates to NSS 3.95 (Node.js GitHub Bot) nodejs#50805 * disable PKCS#1 padding for privateDecrypt (Michael Dawson) https://github.com/nodejs-private/node-private/pull/525 deps: * upgrade npm to 10.2.4 (npm team) nodejs#50751 * update archs files for openssl-3.0.13+quic1 (Node.js GitHub Bot) nodejs#51614 * upgrade openssl sources to quictls/openssl-3.0.13+quic1 (Node.js GitHub Bot) ://github.com/nodejs/pull/51614 * fix GHSA-f74f-cvh7-c6q6/CVE-2024-24806 (Santiago Gimeno) nodejs#51614 http: * add maximum chunk extension size (Paolo Insogna) https://github.com/nodejs-private/node-private/pull/520 lib: * update undici to v5.28.3 (Matteo Collina) https://github.com/nodejs-private/node-private/pull/536 src: * fix HasOnly(capability) in node::credentials (Tobias Nießen) https://github.com/nodejs-private/node-private/pull/505 test: * skip test-child-process-stdio-reuse-readable-stdio on Windows (Joyee Cheung) nodejs#49621 tools: * add macOS notarization verification step (Ulises Gascón) nodejs#50833 * use macOS keychain to notarize the releases (Ulises Gascón) nodejs#50715 * remove unused file (Ulises Gascon) nodejs#50622 * add macOS notarization stapler (Ulises Gascón) nodejs#50625 * improve macOS notarization process output readability (Ulises Gascón) nodejs#50389 * remove unused `version` function (Ulises Gascón) nodejs#50390 win,tools: * upgrade Windows signing to smctl (Stefan Stojanovic) nodejs#50956 zlib: * pause stream if outgoing buffer is full (Matteo Collina) https://github.com/nodejs-private/node-private/pull/542 PR-URL: https://github.com/nodejs-private/node-private/pull/545
rdw-msft
pushed a commit
to rdw-msft/node
that referenced
this pull request
Mar 20, 2024
This is a security release. Notable changes: crypto: * disable PKCS#1 padding for privateDecrypt (Michael Dawson) https://github.com/nodejs-private/node-private/pull/525 deps: * upgrade libuv to 1.48.0 (Santiago Gimeno) nodejs#51699 * update archs files for openssl-3.0.13+quic1 (Node.js GitHub Bot) nodejs#51614 * upgrade openssl sources to quictls/openssl-3.0.13+quic1 (Node.js GitHub Bot) nodejs#51614 * disable io\_uring support in libuv by default (Tobias Nießen) https://github.com/nodejs-private/node-private/pull/529 * fix GHSA-f74f-cvh7-c6q6/CVE-2024-24806 (Santiago Gimeno) nodejs#51737 fs: * protect against modified Buffer internals in possiblyTransformPath (Tobias Nießen) https://github.com/nodejs-private/node-private/pull/49 http: * add maximum chunk extension size (Paolo Insogna) https://github.com/nodejs-private/node-private/pull/519 lib: * update undici to v5.28.3 (Matteo Collina) https://github.com/nodejs-private/node-private/pull/539 * use cache fs internals against path traversal (RafaelGSS) https://github.com/nodejs-private/node-private/pull/516 src: * fix HasOnly(capability) in node::credentials (Tobias Nießen) https://github.com/nodejs-private/node-private/pull/505 src,deps: * disable setuid() etc if io\_uring enabled (Tobias Nießen) https://github.com/nodejs-private/node-private/pull/529 test,doc: * clarify wildcard usage (RafaelGSS) https://github.com/nodejs-private/node-private/pull/517 zlib: * pause stream if outgoing buffer is full (Matteo Collina) https://github.com/nodejs-private/node-private/pull/541 PR-URL: https://github.com/nodejs-private/node-private/pull/544
sercher
added a commit
to sercher/graaljs
that referenced
this pull request
Apr 25, 2024
PR-URL: nodejs/node#51614 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
sercher
added a commit
to sercher/graaljs
that referenced
this pull request
Apr 25, 2024
PR-URL: nodejs/node#51614 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
sercher
added a commit
to sercher/graaljs
that referenced
this pull request
Apr 25, 2024
sercher
added a commit
to sercher/graaljs
that referenced
this pull request
Apr 25, 2024
This is a security release. Notable changes: crypto: * update root certificates to NSS 3.95 (Node.js GitHub Bot) nodejs/node#50805 * disable PKCS#1 padding for privateDecrypt (Michael Dawson) https://github.com/nodejs-private/node-private/pull/525 deps: * upgrade npm to 10.2.4 (npm team) nodejs/node#50751 * update archs files for openssl-3.0.13+quic1 (Node.js GitHub Bot) nodejs/node#51614 * upgrade openssl sources to quictls/openssl-3.0.13+quic1 (Node.js GitHub Bot) ://github.com/nodejs/node/pull/51614 * fix GHSA-f74f-cvh7-c6q6/CVE-2024-24806 (Santiago Gimeno) nodejs/node#51614 http: * add maximum chunk extension size (Paolo Insogna) https://github.com/nodejs-private/node-private/pull/520 lib: * update undici to v5.28.3 (Matteo Collina) https://github.com/nodejs-private/node-private/pull/536 src: * fix HasOnly(capability) in node::credentials (Tobias Nießen) https://github.com/nodejs-private/node-private/pull/505 test: * skip test-child-process-stdio-reuse-readable-stdio on Windows (Joyee Cheung) nodejs/node#49621 tools: * add macOS notarization verification step (Ulises Gascón) nodejs/node#50833 * use macOS keychain to notarize the releases (Ulises Gascón) nodejs/node#50715 * remove unused file (Ulises Gascon) nodejs/node#50622 * add macOS notarization stapler (Ulises Gascón) nodejs/node#50625 * improve macOS notarization process output readability (Ulises Gascón) nodejs/node#50389 * remove unused `version` function (Ulises Gascón) nodejs/node#50390 win,tools: * upgrade Windows signing to smctl (Stefan Stojanovic) nodejs/node#50956 zlib: * pause stream if outgoing buffer is full (Matteo Collina) https://github.com/nodejs-private/node-private/pull/542 PR-URL: https://github.com/nodejs-private/node-private/pull/545
sercher
added a commit
to sercher/graaljs
that referenced
this pull request
Apr 25, 2024
PR-URL: nodejs/node#51614 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
sercher
added a commit
to sercher/graaljs
that referenced
this pull request
Apr 25, 2024
PR-URL: nodejs/node#51614 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
sercher
added a commit
to sercher/graaljs
that referenced
this pull request
Apr 25, 2024
sercher
added a commit
to sercher/graaljs
that referenced
this pull request
Apr 25, 2024
This is a security release. Notable changes: crypto: * update root certificates to NSS 3.95 (Node.js GitHub Bot) nodejs/node#50805 * disable PKCS#1 padding for privateDecrypt (Michael Dawson) https://github.com/nodejs-private/node-private/pull/525 deps: * upgrade npm to 10.2.4 (npm team) nodejs/node#50751 * update archs files for openssl-3.0.13+quic1 (Node.js GitHub Bot) nodejs/node#51614 * upgrade openssl sources to quictls/openssl-3.0.13+quic1 (Node.js GitHub Bot) ://github.com/nodejs/node/pull/51614 * fix GHSA-f74f-cvh7-c6q6/CVE-2024-24806 (Santiago Gimeno) nodejs/node#51614 http: * add maximum chunk extension size (Paolo Insogna) https://github.com/nodejs-private/node-private/pull/520 lib: * update undici to v5.28.3 (Matteo Collina) https://github.com/nodejs-private/node-private/pull/536 src: * fix HasOnly(capability) in node::credentials (Tobias Nießen) https://github.com/nodejs-private/node-private/pull/505 test: * skip test-child-process-stdio-reuse-readable-stdio on Windows (Joyee Cheung) nodejs/node#49621 tools: * add macOS notarization verification step (Ulises Gascón) nodejs/node#50833 * use macOS keychain to notarize the releases (Ulises Gascón) nodejs/node#50715 * remove unused file (Ulises Gascon) nodejs/node#50622 * add macOS notarization stapler (Ulises Gascón) nodejs/node#50625 * improve macOS notarization process output readability (Ulises Gascón) nodejs/node#50389 * remove unused `version` function (Ulises Gascón) nodejs/node#50390 win,tools: * upgrade Windows signing to smctl (Stefan Stojanovic) nodejs/node#50956 zlib: * pause stream if outgoing buffer is full (Matteo Collina) https://github.com/nodejs-private/node-private/pull/542 PR-URL: https://github.com/nodejs-private/node-private/pull/545
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is an automated update of OpenSSL to 3.0.13+quic1.
PR created via https://github.com/nodejs/node/actions/runs/7726382211/job/21062547257