ref: 05a22892921bd4618efe6135ce0d6fe2be545607
parent: 8e553dcdefe50ab534f1199c006ae7754e14bee5
author: Anthony Fok <foka@debian.org>
date: Fri Sep 18 08:11:52 EDT 2020
snap: Bump bundled Node.js from v12.18.3 to v12.18.4 due to CVE-2020-8201, CVE-2020-8251 and CVE-2020-8252, see https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/
--- a/snap/plugins/x_nodejs.py
+++ b/snap/plugins/x_nodejs.py
@@ -63,7 +63,7 @@
logger = logging.getLogger(__name__)
_NODEJS_BASE = "node-v{version}-linux-{arch}"-_NODEJS_VERSION = "12.18.3"
+_NODEJS_VERSION = "12.18.4"
_NODEJS_TMPL = "https://nodejs.org/dist/v{version}/{base}.tar.gz" _NODEJS_ARCHES = {"i386": "x86", "amd64": "x64", "armhf": "armv7l", "arm64": "arm64", "ppc64el": "ppc64le", "s390x": "s390x"}_YARN_URL = "https://yarnpkg.com/latest.tar.gz"