chore(deps): update node.js to v21.7.2 #1279

renovate · 2024-04-06T04:07:57Z

This PR contains the following updates:

Package	Type	Update	Change
node	final	patch	`21.7.1-alpine` -> `21.7.2-alpine`
node	stage	patch	`21.7.1-alpine` -> `21.7.2-alpine`

nodejs/node (node)

This is a security release.

CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation- (Medium)
llhttp version 9.2.1
undici version 6.11.1

[3dfc10c851] - deps: update undici to 6.11.1 (Node.js GitHub Bot) #52328
[aceea1c5e7] - deps: update undici to 6.10.2 (Node.js GitHub Bot) #52227
[5f0f96b275] - deps: update llhttp to 9.2.0 (Node.js GitHub Bot) #51719
[1a65e98e22] - http: do not allow OBS fold in headers by default (Paolo Insogna) nodejs-private/node-private#556
[3bd39fb474] - src: ensure to close stream when destroying session (Anna Henningsen) nodejs-private/node-private#561

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

This PR has been generated by Mend Renovate. View repository job log here.

chore(deps): update node.js to v21.7.2

f8be814

renovate bot added the renovate label Apr 6, 2024

renovate bot enabled auto-merge April 6, 2024 04:07

renovate bot added this pull request to the merge queue Apr 6, 2024

Merged via the queue into master with commit 4af8590 Apr 6, 2024
5 checks passed

renovate bot deleted the renovate/node-21.x branch April 6, 2024 04:11

Provide feedback