Closed renovate[bot] closed 2 years ago
Merging #50 (bfbb148) into master (babada7) will not change coverage. The diff coverage is
n/a
.
@@ Coverage Diff @@
## master #50 +/- ##
=======================================
Coverage 86.36% 86.36%
=======================================
Files 2 2
Lines 44 44
Branches 6 6
=======================================
Hits 38 38
Partials 6 6
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update babada7...bfbb148. Read the comment docs.
:tada: This PR is included in version 1.1.5 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
This PR contains the following updates:
14.18.0
->14.18.1
Release Notes
nodejs/node
### [`v14.18.1`](https://togithub.com/nodejs/node/releases/v14.18.1) [Compare Source](https://togithub.com/nodejs/node/compare/v14.18.0...v14.18.1) This is a security release. ##### Notable changes - **CVE-2021-22959**: HTTP Request Smuggling due to spaced in headers (Medium) - The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at [CVE-2021-22959](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959) after publication. - **CVE-2021-22960**: HTTP Request Smuggling when parsing the body (Medium) - The parse ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. More details will be available at [CVE-2021-22960](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960) after publication. ##### Commits - \[[`8c254ca7e4`](https://togithub.com/nodejs/node/commit/8c254ca7e4)] - **deps**: update llhttp to 2.1.4 (Fedor Indutny) [nodejs-private/node-private#285](https://togithub.com/nodejs-private/node-private/pull/285) - \[[`9b92ae2499`](https://togithub.com/nodejs/node/commit/9b92ae2499)] - **http**: add regression test for smuggling content length (Matteo Collina) [nodejs-private/node-private#285](https://togithub.com/nodejs-private/node-private/pull/285) - \[[`f467539719`](https://togithub.com/nodejs/node/commit/f467539719)] - **http**: add regression test for chunked smuggling (Matteo Collina) [nodejs-private/node-private#285](https://togithub.com/nodejs-private/node-private/pull/285)Configuration
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.