Update Node.js to v14.18.1

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
node	final	patch	14.18.0-alpine -> 14.18.1-alpine

---

Release Notes

nodejs/node

v14.18.1

Compare Source

This is a security release.

Notable changes

• CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium)
  • The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at CVE-2021-22959 after publication.
• CVE-2021-22960: HTTP Request Smuggling when parsing the body (Medium)
  • The parse ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. More details will be available at CVE-2021-22960 after publication.

Commits

• [8c254ca7e4] - deps: update llhttp to 2.1.4 (Fedor Indutny) nodejs-private/node-private#​285
• [9b92ae2499] - http: add regression test for smuggling content length (Matteo Collina) nodejs-private/node-private#​285
• [f467539719] - http: add regression test for chunked smuggling (Matteo Collina) nodejs-private/node-private#​285

---

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by WhiteSource Renovate. View repository job log here.