mirror of
https://github.com/motioneye-project/motioneyeos.git
synced 2025-04-21 13:57:16 +00:00
f4806f6964
This is a security release. Vulnerabilities fixed: CVE-2020-8172: TLS session reuse can lead to host certificate verification bypass (High). CVE-2020-11080: HTTP/2 Large Settings Frame DoS (Low). CVE-2020-8174: napi_get_value_string_*() allows various kinds of memory corruption (High). See https://nodejs.org/en/blog/release/v12.18.0/ Signed-off-by: Martin Bark <martin@barkynet.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit 06decad41bcf187ad88fde1fe8039e6fb65fabc7) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>