Closed renovate[bot] closed 6 months ago
This PR contains the following updates:
21.7.1-alpine
21.7.2-alpine
📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
21.7.1-alpine
->21.7.2-alpine
21.7.1-alpine
->21.7.2-alpine
Release Notes
nodejs/node (node)
### [`v21.7.2`](https://togithub.com/nodejs/node/releases/tag/v21.7.2): 2024-04-03, Version 21.7.2 (Current), @RafaelGSS prepared by @marco-ippolito [Compare Source](https://togithub.com/nodejs/node/compare/v21.7.1...v21.7.2) This is a security release. ##### Notable changes - CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High) - CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation- (Medium) - llhttp version 9.2.1 - undici version 6.11.1 ##### Commits - \[[`3dfc10c851`](https://togithub.com/nodejs/node/commit/3dfc10c851)] - **deps**: update undici to 6.11.1 (Node.js GitHub Bot) [#52328](https://togithub.com/nodejs/node/pull/52328) - \[[`aceea1c5e7`](https://togithub.com/nodejs/node/commit/aceea1c5e7)] - **deps**: update undici to 6.10.2 (Node.js GitHub Bot) [#52227](https://togithub.com/nodejs/node/pull/52227) - \[[`5f0f96b275`](https://togithub.com/nodejs/node/commit/5f0f96b275)] - **deps**: update llhttp to 9.2.0 (Node.js GitHub Bot) [#51719](https://togithub.com/nodejs/node/pull/51719) - \[[`1a65e98e22`](https://togithub.com/nodejs/node/commit/1a65e98e22)] - **http**: do not allow OBS fold in headers by default (Paolo Insogna) [nodejs-private/node-private#556](https://togithub.com/nodejs-private/node-private/pull/556) - \[[`3bd39fb474`](https://togithub.com/nodejs/node/commit/3bd39fb474)] - **src**: ensure to close stream when destroying session (Anna Henningsen) [nodejs-private/node-private#561](https://togithub.com/nodejs-private/node-private/pull/561)Configuration
📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR has been generated by Mend Renovate. View repository job log here.