Skip to content

Commit e7cc609

Browse files
RafaelGSSpull[bot]
RafaelGSS
authored and
pull[bot]
committed
2024-07-08, Version 18.20.4 'Hydrogen' (LTS)
This is a security release. Notable changes: * CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High) * CVE-2024-22020 - Bypass network import restriction via data URL (Medium) PR-URL: https://github.com/nodejs-private/node-private/pull/609
1 parent ce8db0a commit e7cc609

2 files changed

Lines changed: 19 additions & 1 deletion

File tree

CHANGELOG.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -86,7 +86,8 @@ release.
8686
<a href="doc/changelogs/CHANGELOG_V20.md#20.0.0">20.0.0</a><br/>
8787
</td>
8888
<td valign="top">
89-
<b><a href="doc/changelogs/CHANGELOG_V18.md#18.20.3">18.20.3</a></b><br/>
89+
<b><a href="doc/changelogs/CHANGELOG_V18.md#18.20.4">18.20.4</a></b><br/>
90+
<a href="doc/changelogs/CHANGELOG_V18.md#18.20.3">18.20.3</a><br/>
9091
<a href="doc/changelogs/CHANGELOG_V18.md#18.20.2">18.20.2</a><br/>
9192
<a href="doc/changelogs/CHANGELOG_V18.md#18.20.1">18.20.1</a><br/>
9293
<a href="doc/changelogs/CHANGELOG_V18.md#18.20.0">18.20.0</a><br/>

doc/changelogs/CHANGELOG_V18.md

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@
99
</tr>
1010
<tr>
1111
<td>
12+
<a href="#18.20.4">18.20.4</a><br/>
1213
<a href="#18.20.3">18.20.3</a><br/>
1314
<a href="#18.20.2">18.20.2</a><br/>
1415
<a href="#18.20.1">18.20.1</a><br/>
@@ -72,6 +73,22 @@
7273
* [io.js](CHANGELOG_IOJS.md)
7374
* [Archive](CHANGELOG_ARCHIVE.md)
7475

76+
<a id="18.20.4"></a>
77+
78+
## 2024-07-08, Version 18.20.4 'Hydrogen' (LTS), @RafaelGSS
79+
80+
This is a security release.
81+
82+
### Notable Changes
83+
84+
* CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High)
85+
* CVE-2024-22020 - Bypass network import restriction via data URL (Medium)
86+
87+
### Commits
88+
89+
* \[[`85abedf1ff`](https://github.com/nodejs/node/commit/85abedf1ff)] - **lib,esm**: handle bypass network-import via data: (RafaelGSS) [nodejs-private/node-private#522](https://github.com/nodejs-private/node-private/pull/522)
90+
* \[[`eccd63b865`](https://github.com/nodejs/node/commit/eccd63b865)] - **src**: handle permissive extension on cmd check (RafaelGSS) [nodejs-private/node-private#596](https://github.com/nodejs-private/node-private/pull/596)
91+
7592
<a id="18.20.3"></a>
7693

7794
## 2024-05-21, Version 18.20.3 'Hydrogen' (LTS), @richardlau

0 commit comments

Comments
 (0)