OVAL Reference oval:org.opensuse.security:def:4976

Oval Definition:

oval:org.opensuse.security:def:4976

Revision Date:	2020-12-02	Version:	1
Title:	Security update for nodejs8 (Important)
Description:	This update for nodejs8 to version 8.16.1 fixes the following issues: Security issues fixed: - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146091). - CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded memory growth (bsc#1146099). - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service. (bsc#1146094). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). - CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in unbounded memory growth (bsc#1146100). - CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1146097). - CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). Bug fixes: - Fixed that npm resolves its default config file like in all other versions, as /etc/nodejs/npmrc (bsc#1144919).
Family:	unix	Class:	patch
Status:		Reference(s):	1013708 1013712 1013893 1015171 1133534 1141025 1141861 1141862 1144919 1146090 1146091 1146093 1146094 1146095 1146097 1146098 1146099 1146100 1146105 1146107 1149792 1149943 1149944 1151317 1158194 1159352 1159812 1174230 1174910 1174913 1176384 1176756 1176899 1177977 CVE-2009-4492 CVE-2010-0541 CVE-2010-0750 CVE-2010-2761 CVE-2010-4410 CVE-2010-4411 CVE-2010-4777 CVE-2011-0460 CVE-2011-1004 CVE-2011-1005 CVE-2011-1485 CVE-2011-1709 CVE-2011-2483 CVE-2011-4815 CVE-2013-2062 CVE-2013-4288 CVE-2016-9797 CVE-2016-9798 CVE-2016-9802 CVE-2016-9917 CVE-2019-16775 CVE-2019-16776 CVE-2019-16777 CVE-2019-19451 CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 CVE-2019-9517 CVE-2019-9518 CVE-2019-9848 CVE-2019-9849 CVE-2019-9850 CVE-2019-9851 CVE-2019-9852 CVE-2019-9854 CVE-2019-9855 CVE-2020-14361 CVE-2020-14362 CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 CVE-2020-15683 CVE-2020-15969 SUSE-SU-2019:1353-2 SUSE-SU-2019:2260-1 SUSE-SU-2019:2402-1 SUSE-SU-2019:2982-1 SUSE-SU-2019:3391-1 SUSE-SU-2020:0104-1 SUSE-SU-2020:2452-1 SUSE-SU-2020:3091-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND gd-2.0.36.RC1-52.20.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information gdm-3.10.0.1-13 is installed OR gdm-branding-upstream-3.10.0.1-13 is installed OR gdm-lang-3.10.0.1-13 is installed OR gdmflexiserver-3.10.0.1-13 is installed OR libgdm1-3.10.0.1-13 is installed OR typelib-1_0-Gdm-1_0-3.10.0.1-13 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information curl-7.37.0-15 is installed OR libcurl4-7.37.0-15 is installed OR libcurl4-32bit-7.37.0-15 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cracklib-2.9.0-7 is installed OR libcrack2-2.9.0-7 is installed OR libcrack2-32bit-2.9.0-7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-70 is installed OR libMagickWand-6_Q16-1-6.8.8.1-70 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND bogofilter-1.2.4-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 is installed AND Package Information ctdb-4.2.4-18.30.1 is installed OR samba-4.2.4-18.30.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information ctdb-4.2.4-28.3.1 is installed OR samba-4.2.4-28.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND ctdb-4.4.2-29 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information cluster-md-kmp-default-4.4.73-5 is installed OR dlm-kmp-default-4.4.73-5 is installed OR gfs2-kmp-default-4.4.73-5 is installed OR ocfs2-kmp-default-4.4.73-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND python-requests-2.11.1-6.28 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND conntrack-tools-1.4.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information audiofile-0.3.6-11.3 is installed OR libaudiofile1-0.3.6-11.3 is installed OR libaudiofile1-32bit-0.3.6-11.3 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_44-52_10-default-1-2.1 is installed OR kgraft-patch-3_12_44-52_10-xen-1-2.1 is installed OR kgraft-patch-SLE12_Update_6-1-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_82-6_6-default-1-2.1 is installed OR kgraft-patch-SLE12-SP3_Update_2-1-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information salt-2016.11.4-45.2 is installed OR salt-api-2016.11.4-45.2 is installed OR salt-bash-completion-2016.11.4-45.2 is installed OR salt-cloud-2016.11.4-45.2 is installed OR salt-doc-2016.11.4-45.2 is installed OR salt-master-2016.11.4-45.2 is installed OR salt-minion-2016.11.4-45.2 is installed OR salt-proxy-2016.11.4-45.2 is installed OR salt-ssh-2016.11.4-45.2 is installed OR salt-syndic-2016.11.4-45.2 is installed OR salt-zsh-completion-2016.11.4-45.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND Package Information ruby2.1-rubygem-rack-1_4-1.4.5-8.10 is installed OR rubygem-rack-1_4-1.4.5-8.10 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information compat-openssl098-0.9.8j-105.1 is installed OR libopenssl0_9_8-0.9.8j-105.1 is installed OR libopenssl0_9_8-32bit-0.9.8j-105.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.32-33.1 is installed OR kernel-ec2-devel-3.12.32-33.1 is installed OR kernel-ec2-extra-3.12.32-33.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-30.1 is installed OR php5-5.5.14-30.1 is installed OR php5-bcmath-5.5.14-30.1 is installed OR php5-bz2-5.5.14-30.1 is installed OR php5-calendar-5.5.14-30.1 is installed OR php5-ctype-5.5.14-30.1 is installed OR php5-curl-5.5.14-30.1 is installed OR php5-dba-5.5.14-30.1 is installed OR php5-dom-5.5.14-30.1 is installed OR php5-enchant-5.5.14-30.1 is installed OR php5-exif-5.5.14-30.1 is installed OR php5-fastcgi-5.5.14-30.1 is installed OR php5-fileinfo-5.5.14-30.1 is installed OR php5-fpm-5.5.14-30.1 is installed OR php5-ftp-5.5.14-30.1 is installed OR php5-gd-5.5.14-30.1 is installed OR php5-gettext-5.5.14-30.1 is installed OR php5-gmp-5.5.14-30.1 is installed OR php5-iconv-5.5.14-30.1 is installed OR php5-intl-5.5.14-30.1 is installed OR php5-json-5.5.14-30.1 is installed OR php5-ldap-5.5.14-30.1 is installed OR php5-mbstring-5.5.14-30.1 is installed OR php5-mcrypt-5.5.14-30.1 is installed OR php5-mysql-5.5.14-30.1 is installed OR php5-odbc-5.5.14-30.1 is installed OR php5-openssl-5.5.14-30.1 is installed OR php5-pcntl-5.5.14-30.1 is installed OR php5-pdo-5.5.14-30.1 is installed OR php5-pear-5.5.14-30.1 is installed OR php5-pgsql-5.5.14-30.1 is installed OR php5-pspell-5.5.14-30.1 is installed OR php5-shmop-5.5.14-30.1 is installed OR php5-snmp-5.5.14-30.1 is installed OR php5-soap-5.5.14-30.1 is installed OR php5-sockets-5.5.14-30.1 is installed OR php5-sqlite-5.5.14-30.1 is installed OR php5-suhosin-5.5.14-30.1 is installed OR php5-sysvmsg-5.5.14-30.1 is installed OR php5-sysvsem-5.5.14-30.1 is installed OR php5-sysvshm-5.5.14-30.1 is installed OR php5-tokenizer-5.5.14-30.1 is installed OR php5-wddx-5.5.14-30.1 is installed OR php5-xmlreader-5.5.14-30.1 is installed OR php5-xmlrpc-5.5.14-30.1 is installed OR php5-xmlwriter-5.5.14-30.1 is installed OR php5-xsl-5.5.14-30.1 is installed OR php5-zip-5.5.14-30.1 is installed OR php5-zlib-5.5.14-30.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information nodejs8-8.16.1-3.20 is installed OR nodejs8-devel-8.16.1-3.20 is installed OR nodejs8-docs-8.16.1-3.20 is installed OR npm8-8.16.1-3.20 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs10-10.18.0-1.15 is installed OR nodejs10-devel-10.18.0-1.15 is installed OR nodejs10-docs-10.18.0-1.15 is installed OR npm10-10.18.0-1.15 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND orca-2.28.3-0.5.10 is installed OR orca-lang-2.28.3-0.5.10 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND orca-2.28.3-0.5.10 is installed OR orca-lang-2.28.3-0.5.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND clamav-0.97.7-0.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND a2ps-4.13-1326.37.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information gnutls-3.2.15-4.1 is installed OR libgnutls-openssl27-3.2.15-4.1 is installed OR libgnutls28-3.2.15-4.1 is installed OR libgnutls28-32bit-3.2.15-4.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information apache2-2.4.16-7.1 is installed OR apache2-doc-2.4.16-7.1 is installed OR apache2-example-pages-2.4.16-7.1 is installed OR apache2-prefork-2.4.16-7.1 is installed OR apache2-utils-2.4.16-7.1 is installed OR apache2-worker-2.4.16-7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information file-5.19-9 is installed OR file-magic-5.19-9 is installed OR libmagic1-5.19-9 is installed OR libmagic1-32bit-5.19-9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND ant-1.9.4-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information libmysqlclient-devel-10.0.26-20.10.2 is installed OR libmysqlclient18-10.0.26-20.10.2 is installed OR libmysqlclient18-32bit-10.0.26-20.10.2 is installed OR libmysqlclient_r18-10.0.26-20.10.2 is installed OR libmysqld-devel-10.0.26-20.10.2 is installed OR libmysqld18-10.0.26-20.10.2 is installed OR mariadb-10.0.26-20.10.2 is installed OR mariadb-client-10.0.26-20.10.2 is installed OR mariadb-errormessages-10.0.26-20.10.2 is installed OR mariadb-tools-10.0.26-20.10.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information apache2-2.4.23-28 is installed OR apache2-doc-2.4.23-28 is installed OR apache2-example-pages-2.4.23-28 is installed OR apache2-prefork-2.4.23-28 is installed OR apache2-utils-2.4.23-28 is installed OR apache2-worker-2.4.23-28 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information ghostscript-devel-8.62-32.41.1 is installed OR ghostscript-ijs-devel-8.62-32.41.1 is installed OR ghostscript-library-8.62-32.41.1 is installed OR libgimpprint-devel-4.2.7-32.41.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND libXp-devel-1.0.2-3 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND MozillaFirefox-devel-45.4.0esr-81 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND freetype2-devel-2.6.3-7.10 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information finch-2.10.9-8.1 is installed OR libpurple-2.10.9-8.1 is installed OR libpurple-lang-2.10.9-8.1 is installed OR libpurple-meanwhile-2.10.9-8.1 is installed OR libpurple-tcl-2.10.9-8.1 is installed OR pidgin-2.10.9-8.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information flash-player-11.2.202.554-114.1 is installed OR flash-player-gnome-11.2.202.554-114.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information bluez-5.48-5.16 is installed OR bluez-cups-5.48-5.16 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information xorg-x11-server-1.20.3-22.5.5 is installed OR xorg-x11-server-wayland-1.20.3-22.5.5 is installed

BACK