Oval Definition:oval:org.opensuse.security:def:80853
Revision Date:2019-02-14Version:1
Title:Security update for nodejs6 (Important)
Description:

This update for nodejs6 to version 6.16.0 fixes the following issues:

Security issues fixed:

- CVE-2018-0734: Fixed a timing vulnerability in the DSA signature generation (bsc#1113652) - CVE-2018-5407: Fixed a hyperthread port content side channel attack (aka 'PortSmash') (bsc#1113534) - CVE-2018-12120: Fixed that the debugger listens on any interface by default (bsc#1117625) - CVE-2018-12121: Fixed a denial of Service with large HTTP headers (bsc#1117626) - CVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service (bsc#1117627) - CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630) - CVE-2018-12123: Fixed hostname spoofing in URL parser for javascript protocol (bsc#1117629)
Family:unixClass:patch
Status:Reference(s):1113534
1113652
1117625
1117626
1117627
1117629
1117630
CVE-2018-0734
CVE-2018-12116
CVE-2018-12120
CVE-2018-12121
CVE-2018-12122
CVE-2018-12123
CVE-2018-5407
SUSE-SU-2019:0395-1
Platform(s):SUSE OpenStack Cloud 7
Product(s):
Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND nodejs6-6.16.0-11.21.1 is installed
    • BACK