Node.js 17.3.1 軟體資訊交流 Mac

winXmac軟體社群 Mac 壓縮備份 aONe 免費軟體 Rate 70

Keka for Mac,軟體教學,軟體下載,軟體社群,Windows軟體,Mac軟體

Node.js 17.3.1 Mac


Keka 是一個有用和易於使用的 Mac OS X 壓縮和備份應用程序,用於管理桌面或 Finder 窗口中壓縮文件的所有方面。通過多種文件壓縮功能,支持各種主流壓縮格式,拖放界面,Keka 絕對值得在您的 Dock 或者主窗口上找到一席之地。為了讓 Keka 對新手和專業人士更具吸引力,這個 100%免費的應用程序在壓縮和提取歸檔格式方面具有廣泛的兼容性,但是您必須意識到並非所有的提取格式也都支持壓縮。除了 ZIP,RAR 和 7 -Zip 等流行格式外,Keka for Mac 還可以管理 ISO 格式的流行 CD / DVD 光盤鏡像文件,這對於希望利用 CD / DVD 虛擬驅動器.

提取文件是 100%無縫的,直接集成了桌面,Dock 和 Finder。所有主要格式的檔案都可以通過簡單的雙擊或拖放到 Dock 或主窗口上的 Keka 圖標上進行操作和提取。有了這樣的易用性,您可以選擇 Keka 作為主要的歸檔操作實用程序.

Keka 文件歸檔程序可以免費安裝,在 Mac OS 10.5 或更新的版本上沒有任何限制(舊的舊版本仍然可以使用在 Mac OS X 10.4 Tiger 上)。應用程序不具有訂閱,單次購買,解鎖或任何應用程序內功能,並沒有應用程序內的廣告。這個應用程序的開發人員只接受捐款,保持這個項目活著,並跟踪接收許多未來的更新.

壓縮格式支持:
7z,Zip,焦油,Gzip,Bzip2,DMG 和 ISO.

支持的提取格式:
RAR,7z,Lzma,Zip ,Tar,Gzip,Bzip2,ISO,EXE,CAB,PAX 以及更多.

檔案版本 Node.js 17.3.1
檔案名稱 node-v17.3.1.pkg
檔案大小
系統 Mac OS X 10.7 or later
軟體類型 免費軟體
作者 aONe
更新日期 http://www.kekaosx.com/
軟體類型 2022-01-11
更新日誌

What's new in this version:

Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531):
- Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js did not match the URI correctly.
- Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This behavior can be reverted through the --security-revert command-line option
- More details will be available at CVE-2021-44531 after publication

Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532):
- Node.js converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerability when name constraints were used within a certificate chain, allowing the bypass of these name constraints.
- Versions of Node.js with the fix for this escape SANs containing the problematic characters in order to prevent the injection. This behavior can be reverted through the --security-revert command-line option.
- More details will be available at CVE-2021-44532 after publication

Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533):
- Node.js did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.
- Affected versions of Node.js do not accept multi-value Relative Distinguished Names and are thus not vulnerable to such attacks themselves. However, third-party code that uses node's ambiguous presentation of certificate subjects may be vulnerable.
- More details will be available at CVE-2021-44533 after publication

Prototype pollution via console.table properties (Low)(CVE-2022-21824):
- Due to the formatting logic of the console.table() function it was not safe to allow user controlled input to be passed to the properties parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be __proto__. The prototype pollution has very limited control, in that it only allows an empty string to be assigned numerical keys of the object prototype.
- Versions of Node.js with the fix for this use a null protoype for the object these properties are being assigned to
- More details will be available at CVE-2022-21824 after publication
- Thanks to Patrik Oldsberg (rugvip) for reporting this vulnerability

檔案下載 檔案下載
  • Keka for Mac Screenshot 1Keka for Mac Screenshot 2Keka for Mac Screenshot 3Keka for Mac Screenshot 4Keka for Mac Screenshot 5