Oval Definition:oval:org.opensuse.security:def:105438
Revision Date:2019-09-02Version:1
Title:Security update for nodejs10 (Important)
Description:

This update for nodejs10 to version 10.16.3 fixes the following issues:

Security issues fixed:

- CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146091). - CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded memory growth (bsc#1146099). - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service. (bsc#1146094). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). - CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in unbounded memory growth (bsc#1146100). - CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1146097). - CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093).
Family:unixClass:patch
Status:Reference(s):1146090
1146091
1146093
1146094
1146095
1146097
1146099
1146100
CVE-2019-9511
CVE-2019-9512
CVE-2019-9513
CVE-2019-9514
CVE-2019-9515
CVE-2019-9516
CVE-2019-9517
CVE-2019-9518
SUSE-SU-2019:2259-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • nodejs10-10.16.3-1.12.1 is installed
  • OR nodejs10-devel-10.16.3-1.12.1 is installed
  • OR nodejs10-docs-10.16.3-1.12.1 is installed
  • OR npm10-10.16.3-1.12.1 is installed
    • BACK