---
- branch: MAIN
  date: Fri Feb 17 12:01:51 UTC 2023
  files:
  - new: '1.9'
    old: '1.8'
    path: pkgsrc/lang/nodejs14/Makefile
    pathrev: pkgsrc/lang/nodejs14/Makefile@1.9
    type: modified
  - new: '1.7'
    old: '1.6'
    path: pkgsrc/lang/nodejs14/distinfo
    pathrev: pkgsrc/lang/nodejs14/distinfo@1.7
    type: modified
  id: 20230217T120151Z.a98af665d388323792c718eae9a4b558f0f07f58
  log: |
    nodejs14: updated to 14.21.3

    Version 14.21.3 'Fermium' (LTS)

    This is a security release.

    Notable Changes

    The following CVEs are fixed in this release:

    * CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High)
    * CVE-2023-23920: Node.js insecure loading of ICU data through ICU\_DATA environment variable (Low)
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/lang/nodejs14'
  unixtime: '1676635311'
  user: adam