Oval Definition:	oval:org.opensuse.security:def:53424
Revision Date: 2020-12-01 Version: 1 Title: Security update for nodejs10 (Important) Description: This update for nodejs10 to version 10.16.3 fixes the following issues: Security issues fixed: - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146091). - CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded memory growth (bsc#1146099). - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service. (bsc#1146094). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). - CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in unbounded memory growth (bsc#1146100). - CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1146097). - CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). Family: unix Class: patch Status: Reference(s): 1007454 1007959 1007962 1008519 1008842 1009109 1010032 1011913 1012382 1012910 1013285 1013341 1013764 1013767 1013994 1014109 1014110 1014111 1014112 1014136 1014256 1014514 1015400 1015609 1015964 1016779 1017461 1017641 1018088 1018263 1018419 1019163 1019614 1019618 1020048 1020353 1021762 1021868 1022340 1022785 1023866 1024015 1025683 1026024 1026405 1026462 1026505 1026509 1026692 1026722 1027054 1027066 1027153 1027179 1027189 1027190 1027195 1027273 1027616 1028017 1028027 1028041 1028158 1028217 1028325 1028415 1028819 1028895 1029220 1029497 1029514 1029634 1029986 1030118 1030213 1031003 1031052 1031200 1031206 1031208 1031440 1031481 1031579 1031660 1031662 1031717 1031831 1032006 1032673 1032681 1044995 1146090 1146091 1146093 1146094 1146095 1146097 1146099 1146100 1154862 897662 898572 937125 951376 951844 967087 968697 969755 970083 977572 977860 978056 979441 980391 980892 981634 982783 986631 986639 987899 988281 991173 998106 CVE-2006-4197 CVE-2009-0159 CVE-2009-0946 CVE-2009-1252 CVE-2009-1720 CVE-2009-1721 CVE-2010-2497 CVE-2010-2805 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3814 CVE-2011-0226 CVE-2012-1616 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 CVE-2013-1992 CVE-2013-5211 CVE-2014-2240 CVE-2014-7185 CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 CVE-2014-9297 CVE-2014-9298 CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 CVE-2015-1283 CVE-2015-1798 CVE-2015-1799 CVE-2015-3405 CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911 CVE-2015-5219 CVE-2015-5300 CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 CVE-2015-7702 CVE-2015-7703 CVE-2015-7704 CVE-2015-7705 CVE-2015-7848 CVE-2015-7849 CVE-2015-7850 CVE-2015-7851 CVE-2015-7852 CVE-2015-7853 CVE-2015-7854 CVE-2015-7855 CVE-2015-7871 CVE-2015-7973 CVE-2015-7974 CVE-2015-7975 CVE-2015-7976 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979 CVE-2015-8138 CVE-2015-8139 CVE-2015-8140 CVE-2015-8158 CVE-2016-0718 CVE-2016-10200 CVE-2016-10251 CVE-2016-1523 CVE-2016-1547 CVE-2016-1548 CVE-2016-1549 CVE-2016-1550 CVE-2016-1551 CVE-2016-2117 CVE-2016-2516 CVE-2016-2517 CVE-2016-2518 CVE-2016-2519 CVE-2016-4953 CVE-2016-4954 CVE-2016-4955 CVE-2016-4956 CVE-2016-4957 CVE-2016-5824 CVE-2016-5827 CVE-2016-7426 CVE-2016-7427 CVE-2016-7428 CVE-2016-7429 CVE-2016-7431 CVE-2016-7433 CVE-2016-7434 CVE-2016-9042 CVE-2016-9102 CVE-2016-9103 CVE-2016-9191 CVE-2016-9310 CVE-2016-9311 CVE-2016-9381 CVE-2016-9583 CVE-2016-9584 CVE-2016-9600 CVE-2016-9776 CVE-2016-9845 CVE-2016-9846 CVE-2016-9907 CVE-2016-9908 CVE-2016-9911 CVE-2016-9912 CVE-2016-9913 CVE-2016-9921 CVE-2016-9922 CVE-2017-12596 CVE-2017-2596 CVE-2017-2671 CVE-2017-5498 CVE-2017-6074 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6347 CVE-2017-6353 CVE-2017-6451 CVE-2017-6458 CVE-2017-6460 CVE-2017-6462 CVE-2017-6463 CVE-2017-6464 CVE-2017-6850 CVE-2017-7187 CVE-2017-7261 CVE-2017-7294 CVE-2017-7308 CVE-2017-7374 CVE-2017-9110 CVE-2017-9114 CVE-2019-17498 CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 CVE-2019-9517 CVE-2019-9518 SUSE-SU-2015:1874-2 SUSE-SU-2016:0554-1 SUSE-SU-2016:1508-1 SUSE-SU-2017:0127-1 SUSE-SU-2017:0953-1 SUSE-SU-2017:1183-1 SUSE-SU-2017:1989-1 SUSE-SU-2019:2259-1 SUSE-SU-2019:2900-2 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information bluez-5.48-lp150.3 is installed OR libbluetooth3-5.48-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information gnutls-3.6.7-lp151.2.3 is installed OR gnutls-guile-3.6.7-lp151.2.3 is installed OR libgnutls-dane-devel-3.6.7-lp151.2.3 is installed OR libgnutls-dane0-3.6.7-lp151.2.3 is installed OR libgnutls-devel-3.6.7-lp151.2.3 is installed OR libgnutls-devel-32bit-3.6.7-lp151.2.3 is installed OR libgnutls30-3.6.7-lp151.2.3 is installed OR libgnutls30-32bit-3.6.7-lp151.2.3 is installed OR libgnutlsxx-devel-3.6.7-lp151.2.3 is installed OR libgnutlsxx28-3.6.7-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information gpg2-2.0.9-25.33.37 is installed OR gpg2-lang-2.0.9-25.33.37 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information bash-3.2-147.22 is installed OR bash-doc-3.2-147.22 is installed OR libreadline5-5.2-147.22 is installed OR libreadline5-32bit-5.2-147.22 is installed OR readline-doc-5.2-147.22 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.548-0.26 is installed OR flash-player-gnome-11.2.202.548-0.26 is installed OR flash-player-kde4-11.2.202.548-0.26 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information libpython2_7-1_0-2.7.7-9 is installed OR libpython2_7-1_0-32bit-2.7.7-9 is installed OR python-2.7.7-9 is installed OR python-base-2.7.7-9 is installed OR python-curses-2.7.7-9 is installed OR python-devel-2.7.7-9 is installed OR python-tk-2.7.7-9 is installed OR python-xml-2.7.7-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information MozillaFirefox-38.6.1esr-60 is installed OR MozillaFirefox-translations-38.6.1esr-60 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libical-1.0.1-16.3 is installed OR libical1-1.0.1-16.3 is installed OR libical1-32bit-1.0.1-16.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND ft2demos-2.6.3-7.10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND argyllcms-1.6.3-3 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs10-10.16.3-1.12 is installed OR nodejs10-devel-10.16.3-1.12 is installed OR nodejs10-docs-10.16.3-1.12 is installed OR npm10-10.16.3-1.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information bzip2-1.0.6-27 is installed OR bzip2-doc-1.0.6-27 is installed OR libbz2-1-1.0.6-27 is installed OR libbz2-1-32bit-1.0.6-27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND unrar-5.0.14-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND xdg-utils-20140630-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information git-2.12.3-27.14 is installed OR git-core-2.12.3-27.14 is installed OR git-doc-2.12.3-27.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-default-4.4.121-92.85 is installed OR kernel-default-base-4.4.121-92.85 is installed OR kernel-default-devel-4.4.121-92.85 is installed OR kernel-devel-4.4.121-92.85 is installed OR kernel-macros-4.4.121-92.85 is installed OR kernel-source-4.4.121-92.85 is installed OR kernel-syms-4.4.121-92.85 is installed OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_114-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_30-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND dnsmasq-2.76-17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND binutils-2.32-9.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information cups-1.7.5-20.26 is installed OR cups-client-1.7.5-20.26 is installed OR cups-libs-1.7.5-20.26 is installed OR cups-libs-32bit-1.7.5-20.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cups-filters-1.0.58-19.2 is installed OR cups-filters-cups-browsed-1.0.58-19.2 is installed OR cups-filters-foomatic-rip-1.0.58-19.2 is installed OR cups-filters-ghostscript-1.0.58-19.2 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libssh2-1-1.8.0-4.10 is installed OR libssh2-1-32bit-1.8.0-4.10 is installed OR libssh2-devel-1.8.0-4.10 is installed OR libssh2_org-1.8.0-4.10 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND openstack-heat-templates-0.0.0+git.1452795102.e53f5d3-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information apache2-2.4.23-29.18 is installed OR apache2-doc-2.4.23-29.18 is installed OR apache2-example-pages-2.4.23-29.18 is installed OR apache2-prefork-2.4.23-29.18 is installed OR apache2-utils-2.4.23-29.18 is installed OR apache2-worker-2.4.23-29.18 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libpython3_4m1_0-3.4.10-25.45 is installed OR python3-3.4.10-25.45 is installed OR python3-base-3.4.10-25.45 is installed OR python3-curses-3.4.10-25.45 is installed OR python3-devel-3.4.10-25.45 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-sprockets-2_12-2.12.5-1.4 is installed OR rubygem-sprockets-2_12-2.12.5-1.4 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND nodejs6-6.17.0-11.27 is installed
BACK