Security release 14.18.3

Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
Prototype pollution via `console.table` properties (Low)(CVE-2022-21824)

Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>

nodejs.spec

@@ -20,7 +20,7 @@
 %global nodejs_epoch 1
 %global nodejs_major 14
 %global nodejs_minor 18
-%global nodejs_patch 2
+%global nodejs_patch 3
 %global nodejs_abi %{nodejs_major}.%{nodejs_minor}
 # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
 %global nodejs_soversion 83
@@ -668,6 +668,14 @@ end
 
 
 %changelog
+* Tue Jan 11 2022 Stephen Gallagher <sgallagh@redhat.com> - 1:14.18.3-1
+- Security release 14.18.3
+- Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
+- Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
+- Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
+- Prototype pollution via `console.table` properties (Low)(CVE-2022-21824)
+
+
 * Thu Dec 09 2021 Stephen Gallagher <sgallagh@redhat.com> - 1:14.18.2-1
 - Update to bugfix release 14.18.2
 - Fixes a regression in DNS lookups of CNAME records with an underscore

sources

@@ -1,2 +1,2 @@
-SHA512 (node-v14.18.2-stripped.tar.gz) = 60bbec13348f92f7ab9cb7bb87f6c5d57dbebcb5a7eb18ed694a61302c3ffb0fa85328176d6ca155a4984de8e8a1ec26874cce369f4a9f8c7bd11b9a07b63564
+SHA512 (node-v14.18.3-stripped.tar.gz) = ff091b42b5bb39d95cebc59e538a9ed2c8ecf165ac9c6bd6bfff4e0d3b97b5f52d6365f616cc60f6220e7a65a007f7d8f9dc2bb0cfe264bfe19a0d21e999652c
 SHA512 (icu4c-69_1-src.tgz) = d4aeb781715144ea6e3c6b98df5bbe0490bfa3175221a1d667f3e6851b7bd4a638fa4a37d4a921ccb31f02b5d15a6dded9464d98051964a86f7b1cde0ff0aab7