OVAL Reference oval:org.opensuse.security:def:4994

Oval Definition:

oval:org.opensuse.security:def:4994

Revision Date:	2020-12-02	Version:	1
Title:	Security update for nodejs8 (Important)
Description:	This update for nodejs8 to version 8.16.1 fixes the following issues: Security issues fixed: - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146091). - CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded memory growth (bsc#1146099). - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service. (bsc#1146094). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). - CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in unbounded memory growth (bsc#1146100). - CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1146097). - CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). Bug fixes: - Fixed that npm resolves its default config file like in all other versions, as /etc/nodejs/npmrc (bsc#1144919).
Family:	unix	Class:	patch
Status:		Reference(s):	1051510 1058115 1065729 1082555 1083647 1089895 1103990 1103991 1103992 1104745 1109837 1111666 1112178 1112374 1113956 1114279 1124278 1127354 1127355 1127371 1133021 1142685 1144333 1144919 1146090 1146091 1146093 1146094 1146095 1146097 1146099 1146100 1149126 1149429 1151186 1151794 1152489 1152778 1153879 1154738 1154824 1155419 1157169 1158265 1160388 1160471 1160947 1162629 1162632 1164780 1164871 1165183 1165280 1165289 1165478 1165741 1166969 1166978 1167574 1167851 1167867 1168332 1168670 1168789 1169020 1169514 1169525 1169679 1169748 1169762 1170056 1170125 1170145 1170284 1170345 1170441 1170457 1170522 1170592 1170617 1170618 1170620 1170621 1170770 1170778 1170791 1170901 1171078 1171098 1171118 1171189 1171191 1171195 1171202 1171205 1171214 1171217 1171218 1171219 1171220 1171244 1171293 1171417 1171441 1171443 1171444 1171445 1171446 1171447 1171474 1171527 1171599 1171600 1171601 1171602 1171604 1171605 1171606 1171607 1171608 1171609 1171610 1171611 1171612 1171613 1171614 1171615 1171616 1171617 1171618 1171619 1171620 1171621 1171622 1171623 1171624 1171625 1171626 1171662 1171679 1171691 1171692 1171694 1171695 1171736 1171817 1171948 1171949 1171951 1171952 1171979 1171982 1171983 1172017 1172096 1172097 1172098 1172099 1172101 1172102 1172103 1172104 1172127 1172130 1172185 1172188 1172199 1172201 1172202 1172221 1172249 1172251 1172317 1172342 1172343 1172344 1172366 1172378 1172391 1172397 1172453 1173247 1173605 1173674 1174200 CVE-2010-2252 CVE-2010-3170 CVE-2011-2513 CVE-2011-2514 CVE-2011-2895 CVE-2011-3377 CVE-2011-3389 CVE-2011-3640 CVE-2012-2391 CVE-2012-2396 CVE-2012-3355 CVE-2012-3422 CVE-2012-3423 CVE-2012-4540 CVE-2012-4929 CVE-2013-0743 CVE-2013-0791 CVE-2013-1620 CVE-2013-1739 CVE-2013-1740 CVE-2013-1912 CVE-2013-1926 CVE-2013-1927 CVE-2013-2002 CVE-2013-2005 CVE-2013-2175 CVE-2013-4349 CVE-2013-5605 CVE-2014-1492 CVE-2014-1568 CVE-2014-6269 CVE-2018-1000199 CVE-2019-11757 CVE-2019-11758 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-15681 CVE-2019-15690 CVE-2019-15903 CVE-2019-19462 CVE-2019-20788 CVE-2019-20806 CVE-2019-20812 CVE-2019-9455 CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 CVE-2019-9517 CVE-2019-9518 CVE-2020-0543 CVE-2020-10690 CVE-2020-10711 CVE-2020-10720 CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-11017 CVE-2020-11018 CVE-2020-11019 CVE-2020-11038 CVE-2020-11039 CVE-2020-11040 CVE-2020-11041 CVE-2020-11043 CVE-2020-11085 CVE-2020-11086 CVE-2020-11087 CVE-2020-11088 CVE-2020-11089 CVE-2020-11095 CVE-2020-11096 CVE-2020-11097 CVE-2020-11098 CVE-2020-11099 CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526 CVE-2020-12114 CVE-2020-12464 CVE-2020-12652 CVE-2020-12653 CVE-2020-12654 CVE-2020-12655 CVE-2020-12656 CVE-2020-12657 CVE-2020-12659 CVE-2020-12768 CVE-2020-12769 CVE-2020-13143 CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 CVE-2020-15503 CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-7059 CVE-2020-7060 CVE-2020-7062 CVE-2020-7063 SUSE-SU-2019:2260-1 SUSE-SU-2019:2912-1 SUSE-SU-2020:0622-1 SUSE-SU-2020:1164-1 SUSE-SU-2020:2029-1 SUSE-SU-2020:2032-1
Platform(s):	SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Point of Sale 12 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for Rasperry Pi 12 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND haproxy-1.5.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information icu-4.0-7.28.1 is installed OR libicu-4.0-7.28.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND java-1_7_0-openjdk-plugin-1.5.1-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND clamav-0.98.7-13 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information augeas-1.2.0-10 is installed OR augeas-lenses-1.2.0-10 is installed OR libaugeas0-1.2.0-10 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information bzip2-1.0.6-29 is installed OR libbz2-1-1.0.6-29 is installed OR libbz2-1-32bit-1.0.6-29 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND cvs-1.12.12-182.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 is installed AND python-PyYAML-3.10-15.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information ctdb-4.2.4-28.8.2 is installed OR samba-4.2.4-28.8.2 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND Package Information cluster-md-kmp-default-4.4.21-84.1 is installed OR cluster-network-kmp-default-4.4.21-84.1 is installed OR dlm-kmp-default-4.4.21-84.1 is installed OR gfs2-kmp-default-4.4.21-84.1 is installed OR kernel-default-4.4.21-84.1 is installed OR ocfs2-kmp-default-4.4.21-84.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND conntrack-tools-1.4.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND Package Information cluster-md-kmp-default-4.12.14-94.41 is installed OR dlm-kmp-default-4.12.14-94.41 is installed OR gfs2-kmp-default-4.12.14-94.41 is installed OR ocfs2-kmp-default-4.12.14-94.41 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND Package Information corosync-2.3.6-9.13 is installed OR libcorosync4-2.3.6-9.13 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_38-44-default-1-2.2 is installed OR kgraft-patch-3_12_38-44-xen-1-2.2 is installed OR kgraft-patch-SLE12_Update_3-1-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.8.5-15.3.3 is installed OR puppet-server-3.8.5-15.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND python-setuptools-1.1.7-7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND syslog-ng-3.4.5-3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.60-52.54.2 is installed OR kernel-ec2-devel-3.12.60-52.54.2 is installed OR kernel-ec2-extra-3.12.60-52.54.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-15.1 is installed OR php5-5.5.14-15.1 is installed OR php5-bcmath-5.5.14-15.1 is installed OR php5-bz2-5.5.14-15.1 is installed OR php5-calendar-5.5.14-15.1 is installed OR php5-ctype-5.5.14-15.1 is installed OR php5-curl-5.5.14-15.1 is installed OR php5-dba-5.5.14-15.1 is installed OR php5-dom-5.5.14-15.1 is installed OR php5-enchant-5.5.14-15.1 is installed OR php5-exif-5.5.14-15.1 is installed OR php5-fastcgi-5.5.14-15.1 is installed OR php5-fileinfo-5.5.14-15.1 is installed OR php5-fpm-5.5.14-15.1 is installed OR php5-ftp-5.5.14-15.1 is installed OR php5-gd-5.5.14-15.1 is installed OR php5-gettext-5.5.14-15.1 is installed OR php5-gmp-5.5.14-15.1 is installed OR php5-iconv-5.5.14-15.1 is installed OR php5-intl-5.5.14-15.1 is installed OR php5-json-5.5.14-15.1 is installed OR php5-ldap-5.5.14-15.1 is installed OR php5-mbstring-5.5.14-15.1 is installed OR php5-mcrypt-5.5.14-15.1 is installed OR php5-mysql-5.5.14-15.1 is installed OR php5-odbc-5.5.14-15.1 is installed OR php5-openssl-5.5.14-15.1 is installed OR php5-pcntl-5.5.14-15.1 is installed OR php5-pdo-5.5.14-15.1 is installed OR php5-pear-5.5.14-15.1 is installed OR php5-pgsql-5.5.14-15.1 is installed OR php5-pspell-5.5.14-15.1 is installed OR php5-shmop-5.5.14-15.1 is installed OR php5-snmp-5.5.14-15.1 is installed OR php5-soap-5.5.14-15.1 is installed OR php5-sockets-5.5.14-15.1 is installed OR php5-sqlite-5.5.14-15.1 is installed OR php5-suhosin-5.5.14-15.1 is installed OR php5-sysvmsg-5.5.14-15.1 is installed OR php5-sysvsem-5.5.14-15.1 is installed OR php5-sysvshm-5.5.14-15.1 is installed OR php5-tokenizer-5.5.14-15.1 is installed OR php5-wddx-5.5.14-15.1 is installed OR php5-xmlreader-5.5.14-15.1 is installed OR php5-xmlrpc-5.5.14-15.1 is installed OR php5-xmlwriter-5.5.14-15.1 is installed OR php5-xsl-5.5.14-15.1 is installed OR php5-zip-5.5.14-15.1 is installed OR php5-zlib-5.5.14-15.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs8-8.16.1-3.20 is installed OR nodejs8-devel-8.16.1-3.20 is installed OR nodejs8-docs-8.16.1-3.20 is installed OR npm8-8.16.1-3.20 is installed
Definition Synopsis
SUSE Linux Enterprise Point of Sale 12 SP2 is installed AND Package Information salt-2016.11.4-45.2 is installed OR salt-minion-2016.11.4-45.2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND libpython2_6-1_0-2.6.8-0.23.1 is installed OR libpython2_6-1_0-32bit-2.6.8-0.23.1 is installed OR libpython2_6-1_0-x86-2.6.8-0.23.1 is installed OR python-2.6.8-0.23.1 is installed OR python-32bit-2.6.8-0.23.1 is installed OR python-base-2.6.8-0.23.1 is installed OR python-base-32bit-2.6.8-0.23.1 is installed OR python-base-x86-2.6.8-0.23.1 is installed OR python-curses-2.6.8-0.23.1 is installed OR python-demo-2.6.8-0.23.1 is installed OR python-gdbm-2.6.8-0.23.1 is installed OR python-idle-2.6.8-0.23.1 is installed OR python-tk-2.6.8-0.23.1 is installed OR python-x86-2.6.8-0.23.1 is installed OR python-xml-2.6.8-0.23.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND libpython2_6-1_0-2.6.8-0.23.1 is installed OR libpython2_6-1_0-32bit-2.6.8-0.23.1 is installed OR libpython2_6-1_0-x86-2.6.8-0.23.1 is installed OR python-2.6.8-0.23.1 is installed OR python-32bit-2.6.8-0.23.1 is installed OR python-base-2.6.8-0.23.1 is installed OR python-base-32bit-2.6.8-0.23.1 is installed OR python-base-x86-2.6.8-0.23.1 is installed OR python-curses-2.6.8-0.23.1 is installed OR python-demo-2.6.8-0.23.1 is installed OR python-gdbm-2.6.8-0.23.1 is installed OR python-idle-2.6.8-0.23.1 is installed OR python-tk-2.6.8-0.23.1 is installed OR python-x86-2.6.8-0.23.1 is installed OR python-xml-2.6.8-0.23.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information evolution-data-server-2.28.2-0.29.24 is installed OR evolution-data-server-32bit-2.28.2-0.29.24 is installed OR evolution-data-server-lang-2.28.2-0.29.24 is installed OR evolution-data-server-x86-2.28.2-0.29.24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND acpid-1.0.6-91.25.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11-SECURITY is installed AND Package Information libopenssl1-devel-1.0.1g-0.52.1 is installed OR libopenssl1_0_0-1.0.1g-0.52.1 is installed OR libopenssl1_0_0-32bit-1.0.1g-0.52.1 is installed OR libopenssl1_0_0-x86-1.0.1g-0.52.1 is installed OR openssl1-1.0.1g-0.52.1 is installed OR openssl1-doc-1.0.1g-0.52.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information libxml2-2.9.1-10.1 is installed OR libxml2-2-2.9.1-10.1 is installed OR libxml2-2-32bit-2.9.1-10.1 is installed OR libxml2-doc-2.9.1-10.1 is installed OR libxml2-tools-2.9.1-10.1 is installed OR python-libxml2-2.9.1-10.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information grub2-2.02~beta2-73.3 is installed OR grub2-i386-pc-2.02~beta2-73.3 is installed OR grub2-powerpc-ieee1275-2.02~beta2-73.3 is installed OR grub2-s390x-emu-2.02~beta2-73.3 is installed OR grub2-snapper-plugin-2.02~beta2-73.3 is installed OR grub2-x86_64-efi-2.02~beta2-73.3 is installed OR grub2-x86_64-xen-2.02~beta2-73.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gpg2-2.0.24-3 is installed OR gpg2-lang-2.0.24-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache2-2.4.23-28 is installed OR apache2-doc-2.4.23-28 is installed OR apache2-example-pages-2.4.23-28 is installed OR apache2-prefork-2.4.23-28 is installed OR apache2-utils-2.4.23-28 is installed OR apache2-worker-2.4.23-28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND apache-commons-httpclient-3.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information apache2-2.4.10-14.17.1 is installed OR apache2-doc-2.4.10-14.17.1 is installed OR apache2-example-pages-2.4.10-14.17.1 is installed OR apache2-prefork-2.4.10-14.17.1 is installed OR apache2-utils-2.4.10-14.17.1 is installed OR apache2-worker-2.4.10-14.17.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information evince-3.20.1-6.14 is installed OR evince-browser-plugin-3.20.1-6.14 is installed OR evince-lang-3.20.1-6.14 is installed OR evince-plugin-djvudocument-3.20.1-6.14 is installed OR evince-plugin-dvidocument-3.20.1-6.14 is installed OR evince-plugin-pdfdocument-3.20.1-6.14 is installed OR evince-plugin-psdocument-3.20.1-6.14 is installed OR evince-plugin-tiffdocument-3.20.1-6.14 is installed OR evince-plugin-xpsdocument-3.20.1-6.14 is installed OR libevdocument3-4-3.20.1-6.14 is installed OR libevview3-3-3.20.1-6.14 is installed OR nautilus-evince-3.20.1-6.14 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information jasper-1.900.14-134.25.1 is installed OR libjasper-devel-1.900.14-134.25.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND libcurl-devel-7.37.0-15 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information bash-devel-4.3-78 is installed OR readline-devel-6.3-78 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR ImageMagick-devel-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagick++-devel-6.8.8.1-70 is installed OR perl-PerlMagick-6.8.8.1-70 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information flash-player-11.2.202.451-77.1 is installed OR flash-player-gnome-11.2.202.451-77.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information flash-player-11.2.202.559-117.1 is installed OR flash-player-gnome-11.2.202.559-117.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-68.2.1-3.58 is installed OR MozillaThunderbird-translations-common-68.2.1-3.58 is installed OR MozillaThunderbird-translations-other-68.2.1-3.58 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information libraw-0.18.9-3.11 is installed OR libraw-devel-0.18.9-3.11 is installed OR libraw16-0.18.9-3.11 is installed

BACK