Skip to content

deps: bump nodejs to 20.19.2#2185

Merged
updateclibot[bot] merged 1 commit intomasterfrom
updatecli_master_nodejs
May 14, 2025
Merged

deps: bump nodejs to 20.19.2#2185
updateclibot[bot] merged 1 commit intomasterfrom
updatecli_master_nodejs

Conversation

@updateclibot
Copy link
Copy Markdown
Contributor

@updateclibot updateclibot bot commented May 14, 2025

deps: Bump Node version in Netlify configuration

deps: update Node used by Netlify to 20.19.2

1 file(s) updated with "NODE_VERSION = \"20.19.2\"": * netlify.toml

v20.19.2 
This is a security release.

### Notable Changes

* (CVE-2025-23166) fix error handling on async crypto operation
* (CVE-2025-23167) (SEMVER-MAJOR) update llhttp to 9.2.0
* (CVE-2025-23165) add missing call to uv\_fs\_req\_cleanup

### Commits

* \[[`eb25047b1b`](https://github.com/nodejs/node/commit/eb25047b1b)] - **deps**: update llhttp to 9.2.0 (Node.js GitHub Bot) [#51719](https://github.com/nodejs/node/pull/51719)
* \[[`12dcd8db08`](https://github.com/nodejs/node/commit/12dcd8db08)] - **deps**: update llhttp to 9.1.3 (Node.js GitHub Bot) [#50080](https://github.com/nodejs/node/pull/50080)
* \[[`190e45a291`](https://github.com/nodejs/node/commit/190e45a291)] - **(SEMVER-MAJOR)** **(CVE-2025-23167)** **deps**: update llhttp to 9.1.2 (Paolo Insogna) [#48981](https://github.com/nodejs/node/pull/48981)
* \[[`fc68c44e6a`](https://github.com/nodejs/node/commit/fc68c44e6a)] - **fs**: added test for missing call to uv\_fs\_req\_cleanup (Justin Nietzel) [#57811](https://github.com/nodejs/node/pull/57811)
* \[[`9e13bf0a81`](https://github.com/nodejs/node/commit/9e13bf0a81)] - **(CVE-2025-23165)** **fs**: add missing call to uv\_fs\_req\_cleanup (Justin Nietzel) [#57811](https://github.com/nodejs/node/pull/57811)
* \[[`bd0aa5d44c`](https://github.com/nodejs/node/commit/bd0aa5d44c)] - **(CVE-2024-27982)** **http**: do not allow OBS fold in headers by default (Paolo Insogna) [nodejs-private/node-private#556](https://github.com/nodejs-private/node-private/pull/556)
* \[[`6c57465920`](https://github.com/nodejs/node/commit/6c57465920)] - **(CVE-2025-23166)** **src**: fix error handling on async crypto operations (RafaelGSS) [nodejs-private/node-private#710](https://github.com/nodejs-private/node-private/pull/710)
GitHub Action workflow link
Updatecli logo

Created automatically by Updatecli

Options:

Most of Updatecli configuration is done via its manifest(s).

  • If you close this pull request, Updatecli will automatically reopen it, the next time it runs.
  • If you close this pull request and delete the base branch, Updatecli will automatically recreate it, erasing all previous commits made.

Feel free to report any issues at github.com/updatecli/updatecli.
If you find this tool useful, do not hesitate to star our GitHub repository as a sign of appreciation, and/or to tell us directly on our chat!

@updateclibot updateclibot bot added the dependencies Pull requests that update a dependency file label May 14, 2025
@updateclibot updateclibot bot enabled auto-merge May 14, 2025 21:24
@updateclibot updateclibot bot added this pull request to the merge queue May 14, 2025
Merged via the queue into master with commit 722b3b8 May 14, 2025
9 checks passed
@updateclibot updateclibot bot deleted the updatecli_master_nodejs branch May 14, 2025 21:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants