Oval Definition:oval:org.opensuse.security:def:53429
Revision Date:2020-12-01Version:1
Title:Security update for nodejs10 (Important)
Description:

This update for nodejs10 to version 10.18.0 fixes the following issues:

Security issues fixed:

- CVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4, fixing an arbitrary path overwrite and access via 'bin' field (bsc#1159352). - Added support for chacha20-poly1305 for Authenticated encryption (AEAD).

Non-security issues fixed:

- Fixed wrong path in gypi files (bsc#1159812).
Family:unixClass:patch
Status:Reference(s):1010845
1020868
1020890
1020976
1022428
1024076
1024079
1034911
1035371
1049255
1049621
1149792
1157268
1159352
1159812
1171889
826717
866902
882089
889526
896023
897614
897906
898772
900292
901317
901546
903357
903359
903850
903967
903970
905465
905467
906439
908376
952871
963415
968046
968048
968051
968053
968374
982385
982386
996821
CVE-2009-0758
CVE-2009-2905
CVE-2010-2244
CVE-2010-3170
CVE-2011-1002
CVE-2011-1709
CVE-2011-3389
CVE-2011-3640
CVE-2013-0743
CVE-2013-0791
CVE-2013-1620
CVE-2013-1739
CVE-2013-1740
CVE-2013-1988
CVE-2013-3495
CVE-2013-5605
CVE-2014-1492
CVE-2014-1568
CVE-2014-1569
CVE-2014-3660
CVE-2014-5146
CVE-2014-5149
CVE-2014-8594
CVE-2014-8595
CVE-2014-8866
CVE-2014-8867
CVE-2014-9030
CVE-2015-1038
CVE-2015-3197
CVE-2015-4000
CVE-2015-7181
CVE-2015-7182
CVE-2015-7575
CVE-2016-0702
CVE-2016-0703
CVE-2016-0704
CVE-2016-0749
CVE-2016-0797
CVE-2016-0799
CVE-2016-0800
CVE-2016-1938
CVE-2016-1950
CVE-2016-1978
CVE-2016-1979
CVE-2016-2150
CVE-2016-2335
CVE-2016-2834
CVE-2016-5285
CVE-2016-8635
CVE-2016-9074
CVE-2016-9401
CVE-2016-9574
CVE-2017-11406
CVE-2017-11407
CVE-2017-11408
CVE-2017-11410
CVE-2017-11411
CVE-2017-3302
CVE-2017-3313
CVE-2017-5837
CVE-2017-5844
CVE-2019-16775
CVE-2019-16776
CVE-2019-16777
CVE-2019-18934
CVE-2020-12662
CVE-2020-12663
SUSE-SU-2016:0641-1
SUSE-SU-2016:1561-1
SUSE-SU-2017:1003-1
SUSE-SU-2017:1315-1
SUSE-SU-2017:1317-1
SUSE-SU-2017:2033-1
SUSE-SU-2020:0104-1
SUSE-SU-2020:1819-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND cifs-utils-6.5-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • curl-7.60.0-lp151.5.3 is installed
  • OR curl-mini-7.60.0-lp151.5.3 is installed
  • OR libcurl-devel-7.60.0-lp151.5.3 is installed
  • OR libcurl-devel-32bit-7.60.0-lp151.5.3 is installed
  • OR libcurl-mini-devel-7.60.0-lp151.5.3 is installed
  • OR libcurl4-7.60.0-lp151.5.3 is installed
  • OR libcurl4-32bit-7.60.0-lp151.5.3 is installed
  • OR libcurl4-mini-7.60.0-lp151.5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • inkscape-0.46-62.38 is installed
  • OR inkscape-extensions-dia-0.46-62.38 is installed
  • OR inkscape-extensions-extra-0.46-62.38 is installed
  • OR inkscape-extensions-fig-0.46-62.38 is installed
  • OR inkscape-extensions-gimp-0.46-62.38 is installed
  • OR inkscape-lang-0.46-62.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • bind-9.9.6P1-0.22 is installed
  • OR bind-libs-9.9.6P1-0.22 is installed
  • OR bind-libs-32bit-9.9.6P1-0.22 is installed
  • OR bind-utils-9.9.6P1-0.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND foomatic-filters-3.0.2-269.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • libxml2-2.9.1-10 is installed
  • OR libxml2-2-2.9.1-10 is installed
  • OR libxml2-2-32bit-2.9.1-10 is installed
  • OR libxml2-tools-2.9.1-10 is installed
  • OR python-libxml2-2.9.1-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • compat-openssl098-0.9.8j-94 is installed
  • OR libopenssl0_9_8-0.9.8j-94 is installed
  • OR libopenssl0_9_8-32bit-0.9.8j-94 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libwireshark8-2.2.8-48.6 is installed
  • OR libwiretap6-2.2.8-48.6 is installed
  • OR libwscodecs1-2.2.8-48.6 is installed
  • OR libwsutil7-2.2.8-48.6 is installed
  • OR wireshark-2.2.8-48.6 is installed
  • OR wireshark-gtk-2.2.8-48.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • gdm-3.10.0.1-52 is installed
  • OR gdm-lang-3.10.0.1-52 is installed
  • OR gdmflexiserver-3.10.0.1-52 is installed
  • OR libgdm1-3.10.0.1-52 is installed
  • OR typelib-1_0-Gdm-1_0-3.10.0.1-52 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • avahi-0.6.32-30 is installed
  • OR avahi-lang-0.6.32-30 is installed
  • OR libavahi-client3-0.6.32-30 is installed
  • OR libavahi-client3-32bit-0.6.32-30 is installed
  • OR libavahi-common3-0.6.32-30 is installed
  • OR libavahi-common3-32bit-0.6.32-30 is installed
  • OR libavahi-core7-0.6.32-30 is installed
  • OR libdns_sd-0.6.32-30 is installed
  • OR libdns_sd-32bit-0.6.32-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • nodejs10-10.18.0-1.15 is installed
  • OR nodejs10-devel-10.18.0-1.15 is installed
  • OR nodejs10-docs-10.18.0-1.15 is installed
  • OR npm10-10.18.0-1.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • coreutils-8.22-9 is installed
  • OR coreutils-lang-8.22-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • evince-3.10.3-2.3 is installed
  • OR evince-lang-3.10.3-2.3 is installed
  • OR libevdocument3-4-3.10.3-2.3 is installed
  • OR libevview3-3-3.10.3-2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND xlockmore-5.43-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • xen-4.7.6_02-43.36 is installed
  • OR xen-doc-html-4.7.6_02-43.36 is installed
  • OR xen-libs-4.7.6_02-43.36 is installed
  • OR xen-libs-32bit-4.7.6_02-43.36 is installed
  • OR xen-tools-4.7.6_02-43.36 is installed
  • OR xen-tools-domU-4.7.6_02-43.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-109.83 is installed
  • OR MozillaFirefox-devel-60.8.0-109.83 is installed
  • OR MozillaFirefox-translations-common-60.8.0-109.83 is installed
  • OR libfreebl3-3.44.1-58.28 is installed
  • OR libfreebl3-32bit-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-3.44.1-58.28 is installed
  • OR libsoftokn3-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-3.44.1-58.28 is installed
  • OR mozilla-nss-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-tools-3.44.1-58.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • e2fsprogs-1.42.11-15 is installed
  • OR libcom_err2-1.42.11-15 is installed
  • OR libcom_err2-32bit-1.42.11-15 is installed
  • OR libext2fs2-1.42.11-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-68.2.0-109.95 is installed
  • OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND permissions-2015.09.28.1626-17.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libpolkit0-0.113-5.18 is installed
  • OR polkit-0.113-5.18 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • ovmf-2017+git1492060560.b6d11d7c46-4.12 is installed
  • OR ovmf-tools-2017+git1492060560.b6d11d7c46-4.12 is installed
  • OR qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND davfs2-1.5.2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • libunbound2-1.6.8-3.6 is installed
  • OR unbound-1.6.8-3.6 is installed
  • OR unbound-anchor-1.6.8-3.6 is installed
  • OR unbound-devel-1.6.8-3.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-swift-2.1.0-4 is installed
  • OR openstack-swift-account-2.1.0-4 is installed
  • OR openstack-swift-container-2.1.0-4 is installed
  • OR openstack-swift-object-2.1.0-4 is installed
  • OR openstack-swift-proxy-2.1.0-4 is installed
  • OR python-swift-2.1.0-4 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • xen-4.7.5_02-43.30 is installed
  • OR xen-doc-html-4.7.5_02-43.30 is installed
  • OR xen-libs-4.7.5_02-43.30 is installed
  • OR xen-libs-32bit-4.7.5_02-43.30 is installed
  • OR xen-tools-4.7.5_02-43.30 is installed
  • OR xen-tools-domU-4.7.5_02-43.30 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND slf4j-1.7.12-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-Django1-1.11.23-3.9 is installed
    • BACK