Node v21.6.2 (Current)

Rafael Gonzaga

2024-02-14, Version 21.6.2 (Current), @RafaelGSS

Notable changes

This is a security release.

Notable changes

  • CVE-2024-21892 - Code injection and privilege escalation through Linux capabilities- (High)
  • CVE-2024-22019 - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High)
  • CVE-2024-21896 - Path traversal by monkey-patching Buffer internals- (High)
  • CVE-2024-22017 - setuid() does not drop all privileges due to io_uring - (High)
  • CVE-2023-46809 - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium)
  • CVE-2024-21891 - Multiple permission model bypasses due to improper path traversal sequence sanitization - (Medium)
  • CVE-2024-21890 - Improper handling of wildcards in --allow-fs-read and --allow-fs-write (Medium)
  • CVE-2024-22025 - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium)
  • undici version 5.28.3
  • libuv version 1.48.0
  • OpenSSL version 3.0.13+quic1

Commits

Windows 32-bit Installer: https://nodejs.org/dist/v21.6.2/node-v21.6.2-x86.msi
Windows 64-bit Installer: https://nodejs.org/dist/v21.6.2/node-v21.6.2-x64.msi
Windows ARM 64-bit Installer: https://nodejs.org/dist/v21.6.2/node-v21.6.2-arm64.msi
Windows 32-bit Binary: https://nodejs.org/dist/v21.6.2/win-x86/node.exe
Windows 64-bit Binary: https://nodejs.org/dist/v21.6.2/win-x64/node.exe
Windows ARM 64-bit Binary: https://nodejs.org/dist/v21.6.2/win-arm64/node.exe
macOS 64-bit Installer: https://nodejs.org/dist/v21.6.2/node-v21.6.2.pkg
macOS Apple Silicon 64-bit Binary: https://nodejs.org/dist/v21.6.2/node-v21.6.2-darwin-arm64.tar.gz
macOS Intel 64-bit Binary: https://nodejs.org/dist/v21.6.2/node-v21.6.2-darwin-x64.tar.gz
Linux 64-bit Binary: https://nodejs.org/dist/v21.6.2/node-v21.6.2-linux-x64.tar.xz
Linux PPC LE 64-bit Binary: https://nodejs.org/dist/v21.6.2/node-v21.6.2-linux-ppc64le.tar.xz
Linux s390x 64-bit Binary: https://nodejs.org/dist/v21.6.2/node-v21.6.2-linux-s390x.tar.xz
AIX 64-bit Binary: https://nodejs.org/dist/v21.6.2/node-v21.6.2-aix-ppc64.tar.gz
ARMv7 32-bit Binary: https://nodejs.org/dist/v21.6.2/node-v21.6.2-linux-armv7l.tar.xz
ARMv8 64-bit Binary: https://nodejs.org/dist/v21.6.2/node-v21.6.2-linux-arm64.tar.xz
Source Code: https://nodejs.org/dist/v21.6.2/node-v21.6.2.tar.gz
Other release files: https://nodejs.org/dist/v21.6.2/
Documentation: https://nodejs.org/docs/v21.6.2/api/

SHASUMS

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

e06dff53a5e2a88caff9735c076165a6a53f4c45960a8887410684e1fea6c7cb  node-v21.6.2-aix-ppc64.tar.gz
c7fa8788001eaac4bb250a84f6b3a918ebaa8016111ece95d59b513cf4a394dc  node-v21.6.2-arm64.msi
120c8205654c640865864dc464389b3ffe6d7ebe310dffdbe3fd8718a512e14f  node-v21.6.2-darwin-arm64.tar.gz
f8aa996b4e7700069892bc9ff28ddef3b3b3c8c952b929d1b148c943995970e3  node-v21.6.2-darwin-arm64.tar.xz
0f75d9b46b986100c6faeec040ee46adf4981eb6abb5dd63e7a6ca4868d280f4  node-v21.6.2-darwin-x64.tar.gz
5944de39bc7b8af229b0024d583ced7c76cee194ee9068a07d67372a606c5105  node-v21.6.2-darwin-x64.tar.xz
55d9a03dcfce682583eb5e7eec15f32ae95b28b6e805f31688b22a7bd71581b1  node-v21.6.2-headers.tar.gz
976500ffa659108fa2eb30daae2f1b96a34a97b2caa1db30802ac56edc2b237a  node-v21.6.2-headers.tar.xz
b8431985c53cc14e02cddf4c128d043c62af19023f908ebcdc1c6a683ee995f3  node-v21.6.2-linux-arm64.tar.gz
2606765f95262bcebb323e56a39b3be8db89863fbd83e06d2b5a08e41dc78f29  node-v21.6.2-linux-arm64.tar.xz
d6127be538ae57447fd40bac6ea124ad71cfd5a50b9343b781830cc92bc1a0c2  node-v21.6.2-linux-armv7l.tar.gz
ae33085c3d635f9488f47c56ee90fdf0dc9c1d0a520cfbe281c5b08d69e64da0  node-v21.6.2-linux-armv7l.tar.xz
2e265d86f9d20ba223d65ceadc0589b156439a5521cd9da6e34de5460a0d2195  node-v21.6.2-linux-ppc64le.tar.gz
b951f52db17b75a7bff0a2da2cefca3ba1e4dd7368b2b1280f39fcbecde0555c  node-v21.6.2-linux-ppc64le.tar.xz
7cba8c2b2338aaa05f5dec5d953d61cdf5219881a7c8d420f215e920a33c06fa  node-v21.6.2-linux-s390x.tar.gz
167bb0595478bae4c46b2248cae16890d24c2a9c92de7d0e27f9d1cafcad21ba  node-v21.6.2-linux-s390x.tar.xz
d4504dcbcd1a9ded42d86bc20a7e72d6d631e49dcf3f9c849c3b51b12f3f4544  node-v21.6.2-linux-x64.tar.gz
593dd28f5c78d797e76b730937b95fcdfc594f053a8756b1d0860a4555bed58e  node-v21.6.2-linux-x64.tar.xz
a0cdada31786f6ff1f82e8fd91bda23cd4f615a56acd3c9605cd468b60b8437a  node-v21.6.2-win-arm64.7z
a201948e5f0df6de6c4b42dbcb42d7a10d3cb5b6dbb7a40e3f4244644d3b3d1a  node-v21.6.2-win-arm64.zip
d450d170009d272c98765af3abf2bbc2903c1c08856f9e3730be03cc9d9b2bc5  node-v21.6.2-win-x64.7z
99bac3a930bd487e53c5a35b3e2f5ec102053316d7eb89f93273d916d57353a2  node-v21.6.2-win-x64.zip
44dee171378d7ac9967e772a8f114be5fdf59a163f65ec5faa7411c8be3bc961  node-v21.6.2-win-x86.7z
1701b32ba5315c794c2a64ef4a71e93ad2a6c109acf5b577d628413a7dc5cd04  node-v21.6.2-win-x86.zip
e081647df79c833e9d62e7edff5e9e01dbd5b78417dff6ef149e6384e8327bcf  node-v21.6.2-x64.msi
12960661f83a1618adf57e84eddcd1886edec452d74f27318efde8b92a25c91a  node-v21.6.2-x86.msi
6b5d7153dffec20487cbcb81d5ebaf97e6678eb463337e8429ba4e7b60754505  node-v21.6.2.pkg
9020fb36ec7e04f5032944c8422c2004350e9bfcd5e835ac3c90b74981c1f3e0  node-v21.6.2.tar.gz
191294d445d1e6800359acc8174529b1e18e102147dc5f596030d3dce96931e5  node-v21.6.2.tar.xz
ae7ccd1298e8871e61c1223a929ff482fa43d29aa284118798f01a73e40b2b29  win-arm64/node.exe
cf6082f3ffb45335d41566805c7b844082f36042fa7dc2dc6aecdc3ce0e7c79a  win-arm64/node.lib
8cb47e9ebda0efb8578382db82001308bcb2de95e0275e0bca3ff4f03de140b1  win-arm64/node_pdb.7z
cdb3d760f9aca9578135c25f299b382e074bfcb56b2d321acf278a0a76ec2eb4  win-arm64/node_pdb.zip
3f06d98986b4ddf7e9d258936bb7b8907c44c6e9a29c645a5aca04e5a26c0b53  win-x64/node.exe
cacf06da3d7f04d0a0a5a901bfbdbaf0950cc5f73febf7b2f451b27c7f6265b1  win-x64/node.lib
077739fded97d02d026db839aca840622c34b7e584efe294d40fc8d1bd9dc19a  win-x64/node_pdb.7z
54c3a6fea6f832716bfe5d918a56ca1767ae89163729c34d866c2623c0a90edf  win-x64/node_pdb.zip
0aaa0f4635253afe9660f64a862786db555961ecc7217b68fa120817c0c56a00  win-x86/node.exe
ca6545afa230d2abdbf8ba19065f77b727bde72dfa253c466d876d0b3a7ea4ee  win-x86/node.lib
cf24de1e7157ac4bac77fccb255fe295e8639a349d5c9f8726fe3e6b5ccf8afc  win-x86/node_pdb.7z
99f2345e0e737fbd7f8d94b4118d9dc820ebc198823de29324e1f1754f84c9e0  win-x86/node_pdb.zip
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEEiQwI24V5Fi/uDfnbi+q0389VXvQFAmXM+XcACgkQi+q0389V
XvRIBQv+J+9C/N2aHF7mJJajSMJ67YZ1DjCwVt91loxcjnmt5aVx7LvluXkI3fBd
qzjx31Mvb45XeduyQaWgSzRgzanOJbXoQEQSqeeL4ubQV1Rq8UtTWl7/NZQQt6lX
ZY9Icg1BS577NwayCyKhoRjViq7waWkh07EfLZvMvl5Y85x/rIN6EF7YiscwhN10
oUEgNBS1txHy9grCHU42iNqKzI2jguPYLauvcj6QebZxFg1OhWp5q2lVDGckW5Sh
2pLKkvIRru+6oFZ848fu8sxxWxLZSbWSumVBbxmmoWGjWMK8zdCf3PbKBXkgm66y
yn4jnk5iDquottcf3BMcDBivcXcNv+x0DdWMq27YjVHfgxwhYYcDOBXlDtSY2zhd
njX2t3/96GrDIgZMNoBgGre7WWvInLYr7r5ejPoXVGbRd9AtOd65TbzsoKsJzrwG
LcVZ7ppfIGaV8T76q2tdMmfbvmGDOyJ6sXF2U4VzcqRVnfyIuIkM74S06BJIywBI
BvL6HeBI
=loKR
-----END PGP SIGNATURE-----
PrevNode v21.7.0 (Current)NextNode v20.11.1 (LTS)
Last Updated
Feb 14, 2024
Reading Time
3 min read
Contribute
Edit this page
Table of Contents
  1. 2024-02-14, Version 21.6.2 (Current), @RafaelGSS
  2. Notable changes
  3. Notable changes
  4. Commits
  5. SHASUMS