Oval Definition:oval:org.opensuse.security:def:67486
Revision Date:2020-12-01Version:1
Title:Security update for nodejs8 (Critical)
Description:

This update for nodejs8 fixes the following issues:

- CVE-2020-8174: Fixed multiple memory corruption in napi_get_value_string_*() (bsc#1172443). - CVE-2020-11080: Fixed a potential denial of service when receiving unreasonably large HTTP/2 SETTINGS frames (bsc#1172442). - CVE-2020-7598: Fixed an issue which could have tricked minimist into adding or modifying properties of Object.prototype (bsc#1166916) - CVE-2020-15095: Fixed information leak through log files (bsc#1173937). - Explicitly add -fno-strict-aliasing to CFLAGS to fix compilation on Aarch64 with gcc10 (bsc#1172686). - Add Require for nodejs8 when intalling npm8 (bsc#1172728)
Family:unixClass:patch
Status:Reference(s):1166916
1172442
1172443
1172686
1172728
1173937
CVE-2009-1892
CVE-2010-2156
CVE-2010-3611
CVE-2010-3616
CVE-2011-0413
CVE-2011-0997
CVE-2011-2748
CVE-2011-2749
CVE-2011-4539
CVE-2011-4868
CVE-2012-3570
CVE-2012-3571
CVE-2012-3954
CVE-2012-3955
CVE-2013-2266
CVE-2015-8605
CVE-2017-3144
CVE-2018-5732
CVE-2018-5733
CVE-2020-11080
CVE-2020-15095
CVE-2020-7598
CVE-2020-8174
SUSE-SU-2020:2800-1
Platform(s):SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Web Scripting 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • dhcp-4.3.5-4 is installed
  • OR dhcp-client-4.3.5-4 is installed
  • OR dhcp-devel-4.3.5-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP2 is installed
  • AND Package Information
  • nodejs8-8.17.0-10.3 is installed
  • OR nodejs8-devel-8.17.0-10.3 is installed
  • OR nodejs8-docs-8.17.0-10.3 is installed
  • OR npm8-8.17.0-10.3 is installed
    • BACK