Release date:
2026-02-06 06:51:41 UTC
Description:
* SECURITY UPDATE: Node.js buffer allocation race condition vulnerability
- debian/patches/CVE-2025-55131.patch: refactor unsafe buffer creation
to remove zero-fill toggle in lib/internal/buffer.js, src/node_buffer.cc,
src/api/environment.cc, and src/node_internals.h
- CVE-2025-55131
Updated packages:
-
alt-nodejs23-docs_23.11.1-3_amd64.deb
sha:4c6c30542c3813429db267f4c7d35ad2ebacd716
-
alt-nodejs23-nodejs_23.11.1-3_amd64.deb
sha:db0df959ab0d77456d8472b70175f68b9bfa6021
-
alt-nodejs23-nodejs-devel_23.11.1-3_amd64.deb
sha:dd05e5d4b756a8991853d2d19bd495df56fdca01
-
alt-nodejs23-npm_10.9.2-23.11.1.3_amd64.deb
sha:731a4d918f184666c6f6eabb4e2126f9e58c134b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
