Oval Definition:	oval:org.opensuse.security:def:53406
Revision Date: 2020-12-01 Version: 1 Title: Security update for nodejs10 (Important) Description: This update for nodejs10 to version 10.16.3 fixes the following issues: Security issues fixed: - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146091). - CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded memory growth (bsc#1146099). - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service. (bsc#1146094). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). - CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in unbounded memory growth (bsc#1146100). - CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1146097). - CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). Family: unix Class: patch Status: Reference(s): 1005091 1012677 1016503 1016504 1017081 1017084 1020427 1020983 1021741 1024076 1024079 1025109 1025311 1025950 1025951 1028184 1028656 1030624 1031142 1032075 1033466 1033467 1033468 1034866 1034908 1035406 1035950 1036211 1037242 1037334 1037336 1039495 1042159 1042800 1042801 1043073 1043296 1146090 1146091 1146093 1146094 1146095 1146097 1146099 1146100 1171928 907434 908742 909219 957531 974092 987866 989528 995964 CVE-2008-3522 CVE-2009-1210 CVE-2009-1267 CVE-2009-1268 CVE-2009-1269 CVE-2009-3241 CVE-2009-3242 CVE-2009-3243 CVE-2010-1455 CVE-2010-2993 CVE-2010-3445 CVE-2010-4300 CVE-2010-4301 CVE-2010-4538 CVE-2011-0024 CVE-2011-0538 CVE-2011-0713 CVE-2011-1138 CVE-2011-1139 CVE-2011-1140 CVE-2011-1143 CVE-2011-1590 CVE-2011-1591 CVE-2011-1592 CVE-2011-1957 CVE-2011-1958 CVE-2011-1959 CVE-2011-2174 CVE-2011-2175 CVE-2011-2597 CVE-2011-2698 CVE-2011-3266 CVE-2011-3360 CVE-2011-3483 CVE-2011-4516 CVE-2011-4517 CVE-2012-2392 CVE-2012-2393 CVE-2012-2394 CVE-2012-3548 CVE-2012-4048 CVE-2012-4049 CVE-2012-4285 CVE-2012-4286 CVE-2012-4287 CVE-2012-4288 CVE-2012-4289 CVE-2012-4290 CVE-2012-4291 CVE-2012-4292 CVE-2012-4293 CVE-2012-4294 CVE-2012-4295 CVE-2012-4296 CVE-2012-4297 CVE-2012-4298 CVE-2012-5237 CVE-2012-5238 CVE-2012-5239 CVE-2012-5240 CVE-2012-5592 CVE-2012-5593 CVE-2012-5594 CVE-2012-5595 CVE-2012-5596 CVE-2012-5597 CVE-2012-5598 CVE-2012-5599 CVE-2012-5600 CVE-2012-5601 CVE-2012-5602 CVE-2013-1572 CVE-2013-1573 CVE-2013-1574 CVE-2013-1575 CVE-2013-1576 CVE-2013-1577 CVE-2013-1578 CVE-2013-1579 CVE-2013-1580 CVE-2013-1581 CVE-2013-1582 CVE-2013-1583 CVE-2013-1584 CVE-2013-1585 CVE-2013-1586 CVE-2013-1587 CVE-2013-1588 CVE-2013-1589 CVE-2013-1590 CVE-2013-2142 CVE-2013-2475 CVE-2013-2476 CVE-2013-2477 CVE-2013-2478 CVE-2013-2479 CVE-2013-2480 CVE-2013-2481 CVE-2013-2482 CVE-2013-2483 CVE-2013-2484 CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-2488 CVE-2013-3555 CVE-2013-3556 CVE-2013-3557 CVE-2013-3558 CVE-2013-3559 CVE-2013-3560 CVE-2013-3561 CVE-2013-3562 CVE-2013-4083 CVE-2013-4143 CVE-2013-4920 CVE-2013-4921 CVE-2013-4922 CVE-2013-4923 CVE-2013-4924 CVE-2013-4925 CVE-2013-4926 CVE-2013-4927 CVE-2013-4928 CVE-2013-4929 CVE-2013-4930 CVE-2013-4931 CVE-2013-4932 CVE-2013-4933 CVE-2013-4934 CVE-2013-4935 CVE-2013-4936 CVE-2013-5717 CVE-2013-5718 CVE-2013-5719 CVE-2013-5720 CVE-2013-5721 CVE-2013-5722 CVE-2013-6336 CVE-2013-6337 CVE-2013-6338 CVE-2013-6339 CVE-2013-6340 CVE-2013-7112 CVE-2013-7113 CVE-2013-7114 CVE-2014-0580 CVE-2014-0587 CVE-2014-2281 CVE-2014-2282 CVE-2014-2283 CVE-2014-2299 CVE-2014-2907 CVE-2014-4020 CVE-2014-5161 CVE-2014-5162 CVE-2014-5163 CVE-2014-5164 CVE-2014-5165 CVE-2014-8137 CVE-2014-8138 CVE-2014-8157 CVE-2014-8158 CVE-2014-8443 CVE-2014-9029 CVE-2014-9114 CVE-2014-9162 CVE-2014-9163 CVE-2014-9164 CVE-2015-0559 CVE-2015-0560 CVE-2015-0561 CVE-2015-0562 CVE-2015-0563 CVE-2015-0564 CVE-2015-2188 CVE-2015-2189 CVE-2015-2191 CVE-2015-3294 CVE-2015-3811 CVE-2015-3812 CVE-2015-3813 CVE-2015-3814 CVE-2015-5203 CVE-2015-5221 CVE-2015-7830 CVE-2015-8327 CVE-2015-8711 CVE-2015-8712 CVE-2015-8713 CVE-2015-8714 CVE-2015-8715 CVE-2015-8716 CVE-2015-8717 CVE-2015-8718 CVE-2015-8719 CVE-2015-8720 CVE-2015-8721 CVE-2015-8722 CVE-2015-8723 CVE-2015-8724 CVE-2015-8725 CVE-2015-8726 CVE-2015-8727 CVE-2015-8728 CVE-2015-8729 CVE-2015-8730 CVE-2015-8731 CVE-2015-8732 CVE-2015-8733 CVE-2015-8899 CVE-2016-10028 CVE-2016-10029 CVE-2016-10164 CVE-2016-10251 CVE-2016-1577 CVE-2016-1867 CVE-2016-2089 CVE-2016-2116 CVE-2016-2523 CVE-2016-2530 CVE-2016-2531 CVE-2016-2532 CVE-2016-2775 CVE-2016-5104 CVE-2016-5350 CVE-2016-5351 CVE-2016-5352 CVE-2016-5353 CVE-2016-5354 CVE-2016-5355 CVE-2016-5356 CVE-2016-5357 CVE-2016-5358 CVE-2016-5359 CVE-2016-6170 CVE-2016-6354 CVE-2016-6504 CVE-2016-6505 CVE-2016-6506 CVE-2016-6507 CVE-2016-6508 CVE-2016-6509 CVE-2016-6510 CVE-2016-6511 CVE-2016-7098 CVE-2016-7175 CVE-2016-7176 CVE-2016-7177 CVE-2016-7178 CVE-2016-7179 CVE-2016-7180 CVE-2016-8654 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692 CVE-2016-8693 CVE-2016-8880 CVE-2016-8881 CVE-2016-8882 CVE-2016-8883 CVE-2016-8884 CVE-2016-8885 CVE-2016-8886 CVE-2016-8887 CVE-2016-9373 CVE-2016-9374 CVE-2016-9375 CVE-2016-9376 CVE-2016-9395 CVE-2016-9398 CVE-2016-9560 CVE-2016-9583 CVE-2016-9591 CVE-2016-9600 CVE-2016-9602 CVE-2016-9603 CVE-2017-3136 CVE-2017-3137 CVE-2017-3138 CVE-2017-5498 CVE-2017-5579 CVE-2017-5596 CVE-2017-5597 CVE-2017-5837 CVE-2017-5844 CVE-2017-5973 CVE-2017-5987 CVE-2017-6014 CVE-2017-6505 CVE-2017-6850 CVE-2017-7377 CVE-2017-7471 CVE-2017-7493 CVE-2017-7700 CVE-2017-7701 CVE-2017-7702 CVE-2017-7703 CVE-2017-7704 CVE-2017-7705 CVE-2017-7718 CVE-2017-7745 CVE-2017-7746 CVE-2017-7747 CVE-2017-7748 CVE-2017-7980 CVE-2017-8086 CVE-2017-8112 CVE-2017-8309 CVE-2017-8379 CVE-2017-8380 CVE-2017-9330 CVE-2017-9343 CVE-2017-9344 CVE-2017-9345 CVE-2017-9346 CVE-2017-9347 CVE-2017-9348 CVE-2017-9349 CVE-2017-9350 CVE-2017-9351 CVE-2017-9352 CVE-2017-9353 CVE-2017-9354 CVE-2017-9373 CVE-2017-9374 CVE-2017-9375 CVE-2017-9503 CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 CVE-2019-9517 CVE-2019-9518 CVE-2020-9484 SUSE-SU-2015:0270-1 SUSE-SU-2016:0092-1 SUSE-SU-2016:3268-1 SUSE-SU-2017:0695-1 SUSE-SU-2017:0998-1 SUSE-SU-2017:1003-1 SUSE-SU-2017:1774-1 SUSE-SU-2019:2259-1 SUSE-SU-2020:1364-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information MozillaFirefox-60.0-lp150.2 is installed OR MozillaFirefox-translations-common-60.0-lp150.2 is installed OR MozillaFirefox-translations-other-60.0-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information bzip2-1.0.6-lp151.5.3 is installed OR bzip2-doc-1.0.6-lp151.5.3 is installed OR libbz2-1-1.0.6-lp151.5.3 is installed OR libbz2-1-32bit-1.0.6-lp151.5.3 is installed OR libbz2-devel-1.0.6-lp151.5.3 is installed OR libbz2-devel-32bit-1.0.6-lp151.5.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information curl-7.19.7-1.20.31 is installed OR libcurl4-7.19.7-1.20.31 is installed OR libcurl4-32bit-7.19.7-1.20.31 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information emacs-22.3-4.42 is installed OR emacs-info-22.3-4.42 is installed OR emacs-x11-22.3-4.42 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND cabextract-1.2-2.12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information flash-player-11.2.202.425-19 is installed OR flash-player-gnome-11.2.202.425-19 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND wget-1.14-17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information qemu-2.6.2-41.16 is installed OR qemu-block-curl-2.6.2-41.16 is installed OR qemu-ipxe-1.0.0-41.16 is installed OR qemu-kvm-2.6.2-41.16 is installed OR qemu-seabios-1.9.1-41.16 is installed OR qemu-sgabios-8-41.16 is installed OR qemu-tools-2.6.2-41.16 is installed OR qemu-vgabios-1.9.1-41.16 is installed OR qemu-x86-2.6.2-41.16 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND dnsmasq-2.76-17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information imobiledevice-tools-1.2.0-7 is installed OR libimobiledevice6-1.2.0-7 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information nodejs10-10.16.3-1.12 is installed OR nodejs10-devel-10.16.3-1.12 is installed OR nodejs10-docs-10.16.3-1.12 is installed OR npm10-10.16.3-1.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information accountsservice-0.6.35-3 is installed OR accountsservice-lang-0.6.35-3 is installed OR libaccountsservice0-0.6.35-3 is installed OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_32-default-6-2 is installed OR kgraft-patch-3_12_69-60_64_32-xen-6-2 is installed OR kgraft-patch-SLE12-SP1_Update_13-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND syslog-service-2.0-778 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.22.5-2.32 is installed OR libwebkit2gtk-4_0-37-2.22.5-2.32 is installed OR libwebkit2gtk3-lang-2.22.5-2.32 is installed OR typelib-1_0-JavaScriptCore-4_0-2.22.5-2.32 is installed OR typelib-1_0-WebKit2-4_0-2.22.5-2.32 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.22.5-2.32 is installed OR webkit2gtk-4_0-injected-bundles-2.22.5-2.32 is installed OR webkit2gtk3-2.22.5-2.32 is installed OR webkit2gtk3-devel-2.22.5-2.32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND coolkey-1.1.0-147 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND squid-3.5.21-26.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_72-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_22-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information liblouis-2.6.4-6.6 is installed OR liblouis-data-2.6.4-6.6 is installed OR liblouis9-2.6.4-6.6 is installed OR python-louis-2.6.4-6.6 is installed OR python3-louis-2.6.4-6.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND binutils-2.31-9.26 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information tomcat-9.0.35-3.52 is installed OR tomcat-admin-webapps-9.0.35-3.52 is installed OR tomcat-el-3_0-api-9.0.35-3.52 is installed OR tomcat-jsp-2_3-api-9.0.35-3.52 is installed OR tomcat-lib-9.0.35-3.52 is installed OR tomcat-servlet-4_0-api-9.0.35-3.52 is installed OR tomcat-webapps-9.0.35-3.52 is installed Definition Synopsis SUSE OpenStack Cloud 6-LTSS is installed AND docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information python3-rpm-4.11.2-16.21 is installed OR rpm-4.11.2-16.21 is installed OR rpm-32bit-4.11.2-16.21 is installed OR rpm-build-4.11.2-16.21 is installed OR rpm-python-4.11.2-16.21 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libmysqlclient18-10.0.40.3-29.38 is installed OR mariadb-10.0.40.3-29.38 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-urllib3-1.23-3.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND nodejs6-6.17.0-11.27 is installed
BACK