-
Wed Jun 01 2022 Jan Staněk <jstanek@redhat.com> - 12.22.12-2
- Re-create patch for CVE-2021-44906 and apply to all found bundled dependencies
Resolves: rhbz#2073596
-
Mon May 09 2022 Jan Staněk <jstanek@redhat.com> - 12.22.12-1
- Rebase to last upstream release
Resolves: CVE-2021-37701 CVE-2021-37712 CVE-2021-22960 CVE-2021-22959
Resolves: CVE-2021-3918 CVE-2021-44531 CVE-2021-44532 CVE-2021-44533
Resolves: CVE-2022-21824 CVE-2021-44906
-
Wed Aug 25 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 12.22.5-4
- Don't run tests
-
Tue Aug 24 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 12.22.5-3
- Disable test
-
Tue Aug 24 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 12.22.5-2
- Disable test
-
Mon Aug 16 2021 Jan Staněk <jstanek@redhat.com> - 12.22.5-1
- Rebase to 12.22.5
Resolves: CVE-2021-22931 CVE-2021-22939 CVE-2021-22940
-
Thu Aug 05 2021 Jan Staněk <jstanek@redhat.com> - 12.22.4-1
- Rebase to 12.22.4 with additional fixes (http2-update-handling-of-streams-on-rst_stream-frames.patch)
Resolves: CVE-2021-22930
- Backport fix for CVE-2021-23343 in bundled(nodejs-path-parse)
Resolves: rhbz#1986744
-
Thu Jul 08 2021 Jan Staněk <jstanek@redhat.com> - 12.22.2-1
- Rebase to 12.22.2
Resolves: CVE-2021-22918, CVE-2021-23362, CVE-2021-27290, CVE-2021-33502
- Drop upstreamed deps-y18n-address-prototype-pollution-issue.patch
-
Tue Feb 23 2021 Jan Staněk <jstanek@redhat.com> - 12.21.0-1
- Rebase to 12.21.0
- Resolves: CVE-2021-22883 CVE-2021-22884
-
Fri Jan 08 2021 Jan Staněk <jstanek@redhat.com> - 12.20.1-1
- Rebase to 12.20.1
- Resolves: CVE-2020-8265 CVE-2020-8287