Oval Definition:	oval:org.opensuse.security:def:53425
Revision Date: 2020-12-01 Version: 1 Title: Security update for nodejs8 (Important) Description: This update for nodejs8 to version 8.16.1 fixes the following issues: Security issues fixed: - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146091). - CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded memory growth (bsc#1146099). - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service. (bsc#1146094). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). - CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in unbounded memory growth (bsc#1146100). - CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1146097). - CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). Bug fixes: - Fixed that npm resolves its default config file like in all other versions, as /etc/nodejs/npmrc (bsc#1144919). Family: unix Class: patch Status: Reference(s): 1007959 1007962 1008842 1010032 1011913 1012382 1012910 1013994 1014136 1015609 1017461 1017641 1018263 1018419 1019163 1019614 1019618 1020048 1021762 1022340 1022785 1023866 1024015 1024044 1024068 1025683 1026024 1026405 1026462 1026505 1026509 1026692 1026722 1027054 1027066 1027153 1027179 1027189 1027190 1027195 1027273 1027616 1028017 1028027 1028041 1028158 1028217 1028325 1028415 1028819 1028895 1029220 1029514 1029634 1029986 1030118 1030213 1031003 1031052 1031200 1031206 1031208 1031440 1031481 1031579 1031660 1031662 1031717 1031831 1032006 1032673 1032681 1034570 1034571 1034572 1034574 1042802 1045719 1045721 1144919 1146090 1146091 1146093 1146094 1146095 1146097 1146099 1146100 1173304 812259 855062 867583 897662 899908 901223 901277 902606 924919 935087 937261 937444 938577 940338 940946 941363 942476 943967 943968 943969 943989 944749 945649 947953 949440 949936 950292 951199 951392 951615 951844 952579 952976 954992 955118 955354 955654 956514 956708 957525 957988 957990 958463 958886 958951 959090 959146 959190 959257 959364 959399 959436 959463 959629 960221 960227 960281 960300 961202 961257 961500 961509 961516 961588 961971 962336 962356 962788 962965 963449 963572 963765 963767 963825 964230 964821 965344 965840 968697 969755 970083 977572 977860 978056 979261 979906 980892 981634 982783 987899 988281 991173 998106 CVE-2007-4772 CVE-2007-5970 CVE-2007-6600 CVE-2008-7247 CVE-2009-0368 CVE-2009-3297 CVE-2009-4019 CVE-2009-4028 CVE-2009-4030 CVE-2009-4034 CVE-2009-4136 CVE-2010-1169 CVE-2010-1170 CVE-2010-3433 CVE-2010-4523 CVE-2010-5298 CVE-2011-0541 CVE-2012-0866 CVE-2012-0867 CVE-2012-0868 CVE-2012-2143 CVE-2012-2655 CVE-2012-3488 CVE-2012-3489 CVE-2012-5615 CVE-2013-0255 CVE-2013-1899 CVE-2013-1900 CVE-2013-1901 CVE-2013-1976 CVE-2013-7446 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066 CVE-2014-0067 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-2494 CVE-2014-3470 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-4207 CVE-2014-4258 CVE-2014-4260 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6474 CVE-2014-6478 CVE-2014-6484 CVE-2014-6489 CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496 CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559 CVE-2014-6564 CVE-2014-6568 CVE-2014-8964 CVE-2015-0272 CVE-2015-0295 CVE-2015-0374 CVE-2015-0381 CVE-2015-0382 CVE-2015-0391 CVE-2015-0411 CVE-2015-0432 CVE-2015-0433 CVE-2015-0441 CVE-2015-0499 CVE-2015-0501 CVE-2015-0505 CVE-2015-1858 CVE-2015-1859 CVE-2015-1860 CVE-2015-2325 CVE-2015-2326 CVE-2015-2568 CVE-2015-2571 CVE-2015-2573 CVE-2015-3152 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 CVE-2015-3202 CVE-2015-4792 CVE-2015-4802 CVE-2015-4807 CVE-2015-4815 CVE-2015-4826 CVE-2015-4830 CVE-2015-4836 CVE-2015-4858 CVE-2015-4861 CVE-2015-4870 CVE-2015-4913 CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 CVE-2015-5288 CVE-2015-5289 CVE-2015-5707 CVE-2015-5969 CVE-2015-7550 CVE-2015-7799 CVE-2015-8215 CVE-2015-8539 CVE-2015-8543 CVE-2015-8550 CVE-2015-8551 CVE-2015-8569 CVE-2015-8575 CVE-2015-8660 CVE-2015-8767 CVE-2015-8785 CVE-2016-0505 CVE-2016-0546 CVE-2016-0596 CVE-2016-0597 CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609 CVE-2016-0616 CVE-2016-0640 CVE-2016-0641 CVE-2016-0642 CVE-2016-0643 CVE-2016-0644 CVE-2016-0646 CVE-2016-0647 CVE-2016-0648 CVE-2016-0649 CVE-2016-0650 CVE-2016-0651 CVE-2016-0655 CVE-2016-0666 CVE-2016-0668 CVE-2016-0723 CVE-2016-0766 CVE-2016-0773 CVE-2016-10200 CVE-2016-10324 CVE-2016-10325 CVE-2016-10326 CVE-2016-2047 CVE-2016-2069 CVE-2016-2117 CVE-2016-2193 CVE-2016-3065 CVE-2016-3477 CVE-2016-3492 CVE-2016-3521 CVE-2016-3615 CVE-2016-4574 CVE-2016-4579 CVE-2016-5440 CVE-2016-5584 CVE-2016-5624 CVE-2016-5626 CVE-2016-5629 CVE-2016-6354 CVE-2016-6662 CVE-2016-6663 CVE-2016-6664 CVE-2016-7440 CVE-2016-8283 CVE-2016-9191 CVE-2017-2596 CVE-2017-2671 CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3302 CVE-2017-3312 CVE-2017-3313 CVE-2017-3317 CVE-2017-3318 CVE-2017-5843 CVE-2017-5848 CVE-2017-6074 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6347 CVE-2017-6353 CVE-2017-7187 CVE-2017-7261 CVE-2017-7294 CVE-2017-7308 CVE-2017-7374 CVE-2017-7484 CVE-2017-7485 CVE-2017-7486 CVE-2017-7853 CVE-2017-9408 CVE-2017-9775 CVE-2017-9776 CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 CVE-2019-9517 CVE-2019-9518 CVE-2020-14059 SUSE-SU-2015:1892-1 SUSE-SU-2016:0585-1 SUSE-SU-2016:1510-1 SUSE-SU-2017:0962-1 SUSE-SU-2017:1183-1 SUSE-SU-2017:1187-1 SUSE-SU-2017:1998-1 SUSE-SU-2019:2260-1 SUSE-SU-2020:1769-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND bubblewrap-0.2.0-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information kernel-debug-4.12.14-lp151.28.4 is installed OR kernel-debug-base-4.12.14-lp151.28.4 is installed OR kernel-debug-devel-4.12.14-lp151.28.4 is installed OR kernel-default-4.12.14-lp151.28.4 is installed OR kernel-default-base-4.12.14-lp151.28.4 is installed OR kernel-default-devel-4.12.14-lp151.28.4 is installed OR kernel-devel-4.12.14-lp151.28.4 is installed OR kernel-docs-4.12.14-lp151.28.4 is installed OR kernel-docs-html-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-base-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-devel-4.12.14-lp151.28.4 is installed OR kernel-macros-4.12.14-lp151.28.4 is installed OR kernel-obs-build-4.12.14-lp151.28.4 is installed OR kernel-obs-qa-4.12.14-lp151.28.4 is installed OR kernel-source-4.12.14-lp151.28.4 is installed OR kernel-source-vanilla-4.12.14-lp151.28.4 is installed OR kernel-syms-4.12.14-lp151.28.4 is installed OR kernel-vanilla-4.12.14-lp151.28.4 is installed OR kernel-vanilla-base-4.12.14-lp151.28.4 is installed OR kernel-vanilla-devel-4.12.14-lp151.28.4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information gtk2-2.18.9-0.23 is installed OR gtk2-32bit-2.18.9-0.23 is installed OR gtk2-devel-2.18.9-0.23 is installed OR gtk2-lang-2.18.9-0.23 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information bind-libs-9.9.4P2-0.6 is installed OR bind-libs-32bit-9.9.4P2-0.6 is installed OR bind-utils-9.9.4P2-0.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.554-0.29 is installed OR flash-player-gnome-11.2.202.554-0.29 is installed OR flash-player-kde4-11.2.202.554-0.29 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information compat-openssl098-0.9.8j-66 is installed OR libopenssl0_9_8-0.9.8j-66 is installed OR libopenssl0_9_8-32bit-0.9.8j-66 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information kernel-default-3.12.53-60.30 is installed OR kernel-default-devel-3.12.53-60.30 is installed OR kernel-default-extra-3.12.53-60.30 is installed OR kernel-devel-3.12.53-60.30 is installed OR kernel-macros-3.12.53-60.30 is installed OR kernel-source-3.12.53-60.30 is installed OR kernel-syms-3.12.53-60.30 is installed OR kernel-xen-3.12.53-60.30 is installed OR kernel-xen-devel-3.12.53-60.30 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libpoppler44-0.24.4-14.6 is installed OR poppler-0.24.4-14.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information fuse-2.9.3-5 is installed OR libfuse2-2.9.3-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information at-3.1.14-8.6 is installed OR libQtWebKit4-4.8.7+2.3.4-4.7 is installed OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs8-8.16.1-3.20 is installed OR nodejs8-devel-8.16.1-3.20 is installed OR nodejs8-docs-8.16.1-3.20 is installed OR npm8-8.16.1-3.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND cifs-utils-6.4-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND sudo-1.8.10p3-2.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information xen-4.7.0_12-23 is installed OR xen-doc-html-4.7.0_12-23 is installed OR xen-libs-4.7.0_12-23 is installed OR xen-libs-32bit-4.7.0_12-23 is installed OR xen-tools-4.7.0_12-23 is installed OR xen-tools-domU-4.7.0_12-23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-firmware-20170530-21.22 is installed OR ucode-amd-20170530-21.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libopenssl-devel-1.0.2j-60.30 is installed OR libopenssl1_0_0-1.0.2j-60.30 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed OR openssl-1.0.2j-60.30 is installed OR openssl-doc-1.0.2j-60.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND dosfstools-3.0.26-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND sudo-1.8.20p2-3.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND clamav-0.100.3-33.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information bzip2-1.0.6-30.5 is installed OR bzip2-doc-1.0.6-30.5 is installed OR libbz2-1-1.0.6-30.5 is installed OR libbz2-1-32bit-1.0.6-30.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND clamav-0.100.1-33.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cups-pk-helper-0.2.5-5 is installed OR cups-pk-helper-lang-0.2.5-5 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND squid-4.12-5.20 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openstack-ironic-4.2.3~a0~dev14-1 is installed OR openstack-ironic-api-4.2.3~a0~dev14-1 is installed OR openstack-ironic-conductor-4.2.3~a0~dev14-1 is installed OR python-ironic-4.2.3~a0~dev14-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information kernel-default-4.4.121-92.73 is installed OR kernel-default-base-4.4.121-92.73 is installed OR kernel-default-devel-4.4.121-92.73 is installed OR kernel-default-man-4.4.121-92.73 is installed OR kernel-devel-4.4.121-92.73 is installed OR kernel-macros-4.4.121-92.73 is installed OR kernel-source-4.4.121-92.73 is installed OR kernel-syms-4.4.121-92.73 is installed OR kgraft-patch-4_4_121-92_73-default-1-3.3 is installed OR kgraft-patch-SLE12-SP2_Update_21-1-3.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libfreebl3-3.47.1-58.34 is installed OR libfreebl3-32bit-3.47.1-58.34 is installed OR libfreebl3-hmac-3.47.1-58.34 is installed OR libfreebl3-hmac-32bit-3.47.1-58.34 is installed OR libsoftokn3-3.47.1-58.34 is installed OR libsoftokn3-32bit-3.47.1-58.34 is installed OR libsoftokn3-hmac-3.47.1-58.34 is installed OR libsoftokn3-hmac-32bit-3.47.1-58.34 is installed OR mozilla-nspr-4.23-19.12 is installed OR mozilla-nspr-32bit-4.23-19.12 is installed OR mozilla-nspr-devel-4.23-19.12 is installed OR mozilla-nss-3.47.1-58.34 is installed OR mozilla-nss-32bit-3.47.1-58.34 is installed OR mozilla-nss-certs-3.47.1-58.34 is installed OR mozilla-nss-certs-32bit-3.47.1-58.34 is installed OR mozilla-nss-devel-3.47.1-58.34 is installed OR mozilla-nss-sysinit-3.47.1-58.34 is installed OR mozilla-nss-sysinit-32bit-3.47.1-58.34 is installed OR mozilla-nss-tools-3.47.1-58.34 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.8 is installed OR rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
BACK