Skip to content

Commit

Permalink
2022-11-04, Version 16.18.1 'Gallium' (LTS)
Browse files Browse the repository at this point in the history 
This is a security release.

Notable changes:

The following CVEs are fixed in this release:

- CVE-2022-43548: DNS rebinding in --inspect via invalid octal IP
                  address (Medium)

PR-URL: nodejs-private/node-private#363
  • Loading branch information
@BethGriggs
BethGriggs committed Nov 4, 2022
1 parent 7a14550 commit 81123b6
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 1 deletion.
4 changes: 3 additions & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,9 @@ release.
<a href="doc/changelogs/CHANGELOG_V18.md#18.0.0">18.0.0</a><br/>
</td>
<td valign="top">
<b><a href="doc/changelogs/CHANGELOG_V16.md#16.17.1">16.17.1</a></b><br/>
<b><a href="doc/changelogs/CHANGELOG_V16.md#16.18.1">16.18.1</a></b><br/>
<a href="doc/changelogs/CHANGELOG_V16.md#16.18.0">16.18.0</a><br/>
<a href="doc/changelogs/CHANGELOG_V16.md#16.17.1">16.17.1</a><br/>
<a href="doc/changelogs/CHANGELOG_V16.md#16.17.0">16.17.0</a><br/>
<a href="doc/changelogs/CHANGELOG_V16.md#16.16.0">16.16.0</a><br/>
<a href="doc/changelogs/CHANGELOG_V16.md#16.15.1">16.15.1</a><br/>
Expand Down
19 changes: 19 additions & 0 deletions doc/changelogs/CHANGELOG_V16.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
</tr>
<tr>
<td valign="top">
<a href="#16.18.1">16.18.1</a><br/>
<a href="#16.18.0">16.18.0</a><br/>
<a href="#16.17.1">16.17.1</a><br/>
<a href="#16.17.0">16.17.0</a><br/>
Expand Down Expand Up @@ -67,6 +68,24 @@
* [io.js](CHANGELOG_IOJS.md)
* [Archive](CHANGELOG_ARCHIVE.md)

<a id="16.18.1"></a>

## 2022-11-04, Version 16.18.1 'Gallium' (LTS), @BethGriggs

This is a security release.

### Notable changes

The following CVEs are fixed in this release:

* **[CVE-2022-43548](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43548)**: DNS rebinding in --inspect via invalid octal IP address (Medium)

More detailed information on each of the vulnerabilities can be found in [November 2022 Security Releases](https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/) blog post.

### Commits

* \[[`9ffddd7098`](https://github.com/nodejs/node/commit/9ffddd7098)] - **inspector**: harden IP address validation again (Tobias Nießen) [nodejs-private/node-private#354](https://github.com/nodejs-private/node-private/pull/354)

<a id="16.18.0"></a>

## 2022-10-12, Version 16.18.0 'Gallium' (LTS), @juanarbol
Expand Down

0 comments on commit 81123b6

Please sign in to comment.