Release date:
2026-02-06 06:54:39 UTC
Description:
* SECURITY UPDATE: Node.js buffer allocation race condition vulnerability
- debian/patches/CVE-2025-55131.patch: refactor unsafe buffer creation
to remove zero-fill toggle in lib/internal/buffer.js, src/node_buffer.cc,
src/api/environment.cc, and src/node_internals.h
- CVE-2025-55131
Updated packages:
-
alt-nodejs23-docs_23.11.1-3_amd64.deb
sha:1d412507e78dc722fc410e5819a5fcfc15835850
-
alt-nodejs23-nodejs_23.11.1-3_amd64.deb
sha:3c3d115622ff82a4866c9a1728685c23011afb0d
-
alt-nodejs23-nodejs-devel_23.11.1-3_amd64.deb
sha:d478a5fef5a16770c0e89d0e393633963f87c308
-
alt-nodejs23-npm_10.9.2-23.11.1.3_amd64.deb
sha:52030d1eeb120cd42c43c7d5796360878d5b1346
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
