Oval Definition:oval:org.opensuse.security:def:109478
Revision Date:2021-07-15Version:1
Title:Security update for nodejs10 (Important)
Description:

This update for nodejs10 fixes the following issues:

Update nodejs10 to 10.24.1.

Including fixes for

- CVE-2021-22918: libuv upgrade - Out of bounds read (bsc#1187973) - CVE-2021-27290: ssri Regular Expression Denial of Service (bsc#1187976) - CVE-2021-23362: hosted-git-info Regular Expression Denial of Service (bsc#1187977) - CVE-2020-7774: y18n Prototype Pollution (bsc#1184450) - CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (bsc#1183851) - CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (bsc#1183852) - reduce memory footprint of test-worker-stdio (bsc#1183155)
Family:unixClass:patch
Status:Reference(s):1183155
1183851
1183852
1184450
1187973
1187976
1187977
CVE-2020-7774
CVE-2021-22918
CVE-2021-23362
CVE-2021-27290
CVE-2021-3449
CVE-2021-3450
SUSE-SU-2021:2353-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Web Scripting 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP2 is installed
  • AND Package Information
  • nodejs10-10.24.1-1.36.1 is installed
  • OR nodejs10-devel-10.24.1-1.36.1 is installed
  • OR nodejs10-docs-10.24.1-1.36.1 is installed
  • OR npm10-10.24.1-1.36.1 is installed
  • BACK