Oval Definition:oval:org.opensuse.security:def:69277
Revision Date:2021-12-06Version:1
Title:Security update for nodejs12 (Important)
Description:

This update for nodejs12 fixes the following issues:

- CVE-2021-22959: Fixed HTTP Request Smuggling due to spaced in headers (bsc#1191601). - CVE-2021-22960: Fixed HTTP Request Smuggling when parsing the body (bsc#1191602). - CVE-2021-37701: Fixed arbitrary file creation and overwrite in nodejs-tar (bsc#1190057). - CVE-2021-37712: Fixed arbitrary file creation and overwrite in nodejs-tar (bsc#1190056). - CVE-2021-37713: Fixed arbitrary code execution and file creation and overwrite in nodejs-tar (bsc#1190055). - CVE-2021-39134: Fixed symling following vulnerability in nodejs-arborist (bsc#1190054). - CVE-2021-39135: Fixed symling following vulnerability in nodejs-arborist (bsc#1190053).
Family:unixClass:patch
Status:Reference(s):1046303
1050244
1050549
1051510
1051858
1061840
1065600
1065729
1071995
1083647
1085030
1086301
1086313
1086314
1088810
1090888
1103989
1103990
1103991
1104353
1104427
1104745
1105392
1109837
1111666
1112178
1112374
1112504
1113956
1114279
1114685
1115026
1118338
1118661
1123328
1126206
1127371
1127611
1127682
1129551
1133021
1133147
1134973
1140025
1142685
1143959
1144162
1144333
1151548
1151910
1151927
1152107
1152631
1153535
1153917
1154243
1154601
1154768
1154916
1155331
1155334
1155689
1156259
1156286
1156462
1157155
1157157
1157169
1157303
1157424
1157480
1157692
1157853
1157895
1157908
1157966
1158013
1158021
1158026
1158071
1158094
1158132
1158381
1158533
1158819
1158823
1158824
1158827
1158834
1158893
1158900
1158903
1158904
1158954
1159024
1159028
1159271
1159297
1159377
1159394
1159483
1159484
1159500
1159569
1159588
1159841
1159908
1159909
1159910
1159911
1159955
1160147
1160195
1160210
1160211
1160218
1160433
1160442
1160469
1160470
1160476
1160560
1160618
1160678
1160755
1160756
1160784
1160787
1160802
1160803
1160804
1160917
1160966
1160979
1161087
1161243
1161360
1161472
1161514
1161518
1161522
1161523
1161549
1161552
1161674
1161702
1161907
1161931
1161933
1161934
1161935
1161936
1161937
1162028
1162067
1162109
1162139
1162557
1162617
1162618
1162619
1162623
1162928
1162943
1163206
1163383
1163384
1163762
1163774
1163836
1163840
1163841
1163842
1163843
1163844
1163845
1163846
1163849
1163850
1163851
1163852
1163853
1163855
1163856
1163857
1163858
1163859
1163860
1163861
1163862
1163863
1163867
1163869
1163880
1164051
1164069
1164098
1164115
1164314
1164315
1164388
1164471
1164598
1164632
1173100
1173659
1173869
1173942
1173963
1174186
1174247
1190053
1190054
1190055
1190056
1190057
1191601
1191602
CVE-2019-14615
CVE-2019-14895
CVE-2019-14896
CVE-2019-14897
CVE-2019-16746
CVE-2019-16994
CVE-2019-18808
CVE-2019-19036
CVE-2019-19045
CVE-2019-19051
CVE-2019-19054
CVE-2019-19066
CVE-2019-19318
CVE-2019-19319
CVE-2019-19332
CVE-2019-19338
CVE-2019-19447
CVE-2019-19523
CVE-2019-19526
CVE-2019-19527
CVE-2019-19532
CVE-2019-19533
CVE-2019-19535
CVE-2019-19537
CVE-2019-19767
CVE-2019-19927
CVE-2019-19965
CVE-2019-19966
CVE-2019-20054
CVE-2019-20095
CVE-2019-20096
CVE-2019-9458
CVE-2020-11668
CVE-2020-14331
CVE-2020-15780
CVE-2020-7053
CVE-2020-8428
CVE-2020-8648
CVE-2020-8992
CVE-2021-22959
CVE-2021-22960
CVE-2021-37701
CVE-2021-37712
CVE-2021-37713
CVE-2021-39134
CVE-2021-39135
SUSE-SU-2020:0511-1
SUSE-SU-2020:2513-1
SUSE-SU-2021:3940-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Public Cloud 15 SP1
SUSE Linux Enterprise Module for Web Scripting 15 SP3
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_29-default-6-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_8-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed
  • AND Package Information
  • kernel-azure-4.12.14-8.27 is installed
  • OR kernel-azure-base-4.12.14-8.27 is installed
  • OR kernel-azure-devel-4.12.14-8.27 is installed
  • OR kernel-devel-azure-4.12.14-8.27 is installed
  • OR kernel-source-azure-4.12.14-8.27 is installed
  • OR kernel-syms-azure-4.12.14-8.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP3 is installed
  • AND Package Information
  • nodejs12-12.22.7-4.22.1 is installed
  • OR nodejs12-devel-12.22.7-4.22.1 is installed
  • OR nodejs12-docs-12.22.7-4.22.1 is installed
  • OR npm12-12.22.7-4.22.1 is installed
    • BACK