Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
devel:languages:nodejs
nodejs8
CVE-2021-22884.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2021-22884.patch of Package nodejs8
From 1564752d553f582c8048ee45614f870ee2a446c9 Mon Sep 17 00:00:00 2001 From: Matteo Collina <hello@matteocollina.com> Date: Thu, 14 Jan 2021 16:04:44 +0100 Subject: [PATCH] src: drop localhost6 as allowed host for inspector MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit CVE-ID: CVE-2021-22884 Refs: https://hackerone.com/bugs?report_id=1069487 PR-URL: https://github.com/nodejs-private/node-private/pull/244 Reviewed-By: Beth Griggs <bgriggs@redhat.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Mary Marchini <oss@mmarchini.me> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Michaƫl Zasso <targos@protonmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> --- src/inspector_socket.cc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) Index: node-v8.17.0/src/inspector_socket.cc =================================================================== --- node-v8.17.0.orig/src/inspector_socket.cc +++ node-v8.17.0/src/inspector_socket.cc @@ -511,8 +511,7 @@ static std::string HeaderValue(const str static bool IsAllowedHost(const std::string& host_with_port) { std::string host = TrimPort(host_with_port); return host.empty() || IsIPAddress(host) - || node::StringEqualNoCase(host.data(), "localhost") - || node::StringEqualNoCase(host.data(), "localhost6"); + || node::StringEqualNoCase(host.data(), "localhost"); } static int message_complete_cb(http_parser* parser) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor