hello sgallagh, thank you for your efforts! does this update only fix CVE-2018-12120 and not the other vulnerabilities from release v6.15.0? https://nodejs.org/en/blog/release/v6.15.0/
It includes everything that is fixed by 6.15.0 in Node.js. The OpenSSL-related ones are fixed by that package, as we link to the system copy rather than using the bundled version. I have it on my TODO list to process through the open CVE bugs and make sure they're closed appropriately, I just have been backlogged lately.
This update has been submitted for testing by sgallagh.
hello sgallagh, thank you for your efforts! does this update only fix CVE-2018-12120 and not the other vulnerabilities from release v6.15.0? https://nodejs.org/en/blog/release/v6.15.0/
thank you, sascha
It includes everything that is fixed by 6.15.0 in Node.js. The OpenSSL-related ones are fixed by that package, as we link to the system copy rather than using the bundled version. I have it on my TODO list to process through the open CVE bugs and make sure they're closed appropriately, I just have been backlogged lately.
This update has been pushed to testing.
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
This update has been submitted for batched by sgallagh.
This update has been submitted for stable by bodhi.
This update has been pushed to stable.