Oval Definition:oval:org.opensuse.security:def:74167
Revision Date:2020-12-01Version:1
Title:Security update for nodejs10 (Critical)
Description:

This update for nodejs10 fixes the following issues:

nodejs10 was updated to version 10.21.0

- CVE-2020-8174: Fixed multiple memory corruption in napi_get_value_string_*() (bsc#1172443). - CVE-2020-11080: Fixed a potential denial of service when receiving unreasonably large HTTP/2 SETTINGS frames (bsc#1172442). - CVE-2020-10531: Fixed an integer overflow in UnicodeString:doAppend() (bsc#1166844). - Fixed an issue with openssl by adding getrandom syscall definition for all Linux platforms (bsc#1162117).

npm was updated to 6.14.3

- CVE-2020-7598: Fixed an issue which could have tricked minimist into adding or modifying properties of Object.prototype (bsc#1166916).
Family:unixClass:patch
Status:Reference(s):1140868
1162117
1166844
1166916
1172442
1172443
CVE-2019-11709
CVE-2019-11711
CVE-2019-11712
CVE-2019-11713
CVE-2019-11715
CVE-2019-11717
CVE-2019-11719
CVE-2019-11729
CVE-2019-11730
CVE-2019-9811
CVE-2020-10531
CVE-2020-11080
CVE-2020-7598
CVE-2020-8174
openSUSE-SU-2019:1782-1
SUSE-SU-2020:1568-1
Platform(s):openSUSE Leap 15.1
SUSE Linux Enterprise Module for Web Scripting 15 SP2
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-branding-upstream-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-buildsymbols-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-devel-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-translations-common-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-translations-other-60.8.0-lp151.2.10 is installed
  • OR libfreebl3-3.44.1-lp151.2.3 is installed
  • OR libfreebl3-32bit-3.44.1-lp151.2.3 is installed
  • OR libfreebl3-hmac-3.44.1-lp151.2.3 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-lp151.2.3 is installed
  • OR libsoftokn3-3.44.1-lp151.2.3 is installed
  • OR libsoftokn3-32bit-3.44.1-lp151.2.3 is installed
  • OR libsoftokn3-hmac-3.44.1-lp151.2.3 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-32bit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-certs-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-devel-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-sysinit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-tools-3.44.1-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP2 is installed
  • AND Package Information
  • nodejs10-10.21.0-1.21 is installed
  • OR nodejs10-devel-10.21.0-1.21 is installed
  • OR nodejs10-docs-10.21.0-1.21 is installed
  • OR npm10-10.21.0-1.21 is installed
    • BACK