Skip to content

main/nodejs: security upgrade to 12.18.0

Tim Brust requested to merge timbru31/aports:feature/update-nodejs into master

Node.js v12.18.0 was released to address three CVEs:

  • CVE-2020-8172: TLS session reuse can lead to host certificate verification bypass (High).
  • CVE-2020-11080: HTTP/2 Large Settings Frame DoS (Low).
  • CVE-2020-8174: napi_get_value_string_*() allows various kinds of memory corruption (High).

See and


Merge request reports