ELEA-2024-9453
- ULN >
- Oracle Linux Errata repository >
- ELEA-2024-9453
ELEA-2024-9453 - nodejs:20 bug fix and enhancement update
| Type: | ENHANCEMENT |
| Severity: | NA |
| Release Date: | 2024-11-18 |
Description
nodejs
[1:20.17.0-1]
- Update to 20.17.0
Resolves: RHEL-58721
[1:20.16.0-1]
- Update to 20.16.0
Fixes: CVE-2024-36137 CVE-2024-22018 CVE-2024-22020
[1:20.14.0-1]
- Update to version 20.14.0
[1:20.12.2-2]
- Backport nghttp2 patch for CVE-2024-28182
[1:20.12.2-1]
- Rebase to version 20.12.0
Fixes CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 (node)
Fixes CVE-2024-25629 (c-ares)
[1:20.11.1-1]
- Rebase to version 20.11.1
- Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 (high)
- Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 (medium)
[1:20.11.0-1]
- Rebase to version 20.11.0
Resolves: RHEL-21188
[1:20.9.0-1]
- Rebase to LTS
- Resolves: RHEL-16161
[1:20.8.1-1]
- Update node and nghttp
- Add fips patch
- Fixes CVE-2023-44487 (nghttp)
- Fixes CVE-2023-45143, CVE-2023-39331, CVE-2023-39332, CVE-2023-38552, CVE-2023-39333
[1:20.5.1-1]
- Rebase to new security release
- Address CVE-2023-32002, CVE-2023-32004, CVE-2023-32558 (high)
- Address CVE-2023-32006, CVE-2023-32559 (medium)
- Address CVE-2023-32005, CVE-2023-32003 (low)
- Resolves: #2186717
- Resolves RHELPLAN-155639
[1:20.5.0-1]
- Update to v20.5.0
- Remove dtrace support
- bcond corepack, so we don't provide it by default
- Decrease debuginfo verbosity for all arches
- Resolves: #2186717
- Resolves RHELPLAN-155639
[1:18.16.1-1]
- Rebase to 18.16.1
Resolves: rhbz#2188292 rhbz#2187683
Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590
- Replace /usr/etc/npmrc symlink with builtin configuration
Resolves: rhbz#2222285
[1:18.14.2-3]
- Update bundled c-ares to 1.19.1
Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067
[1:18.14.2-2]
- Provide simduft
- Resolves: #2159389
[1:18.14.2-1]
- Rebase to 18.14.2
- Resolves: #2159389
- Resolves: CVE-2022-25881, CVE-2022-4904, CVE-2023-23936, CVE-2023-24807
- Resolves: CVE-2023-23918, CVE-2023-23919, CVE-2023-23920
[1:18.12.1-1]
- Rebase + CVEs
- Resolves: #2142809
- Resolves: #2142830, #2142856
[1:18.10.0-3]
- Resolves: #2111861
- Add proper sources for undici
[1:18.10.0-2]
- Resolves: #2130565
- Add missing file
[1:18.10.0-1]
- Update to latest release
- Resolves: #2130565
- Resolves #2111009, #2111861, #2132732
nodejs-nodemon
nodejs-packaging
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label |
| Oracle Linux 9 (aarch64) | nodejs-20.17.0-1.module+el9.5.0+90443+13059b6a.src.rpm | 49e3c59831b12c430b9da6fcfff4c845 | - | ol9_aarch64_appstream |
| nodejs-nodemon-3.0.1-1.module+el9.3.0+90066+12d4a8d7.src.rpm | 3fe28bb8c8252b7f5f1e279e51adfd48 | - | ol9_aarch64_appstream | |
| nodejs-packaging-2021.06-4.module+el9.3.0+90066+12d4a8d7.src.rpm | e37d0145738296b346cfe198e4e9ccce | - | ol9_aarch64_appstream | |
| nodejs-20.17.0-1.module+el9.5.0+90443+13059b6a.aarch64.rpm | 4258ae9f591a1109f6b1517b27324f13 | - | ol9_aarch64_appstream | |
| nodejs-devel-20.17.0-1.module+el9.5.0+90443+13059b6a.aarch64.rpm | 691ada3229018c92136fc1d03d1e20d0 | - | ol9_aarch64_appstream | |
| nodejs-docs-20.17.0-1.module+el9.5.0+90443+13059b6a.noarch.rpm | adb2a66620650b36f07a7cf7f5c9f79d | - | ol9_aarch64_appstream | |
| nodejs-full-i18n-20.17.0-1.module+el9.5.0+90443+13059b6a.aarch64.rpm | 8d77cdfb52ea88e4630b78a32072f985 | - | ol9_aarch64_appstream | |
| nodejs-nodemon-3.0.1-1.module+el9.3.0+90066+12d4a8d7.noarch.rpm | 86a012348d19c494137e87734c7ca71f | - | ol9_aarch64_appstream | |
| nodejs-packaging-2021.06-4.module+el9.3.0+90066+12d4a8d7.noarch.rpm | 5ac6282aadc35cbd625c1c8d41880326 | - | ol9_aarch64_appstream | |
| nodejs-packaging-bundler-2021.06-4.module+el9.3.0+90066+12d4a8d7.noarch.rpm | 6fd8add20ee095a67f8e667c06bf0d38 | - | ol9_aarch64_appstream | |
| npm-10.8.2-1.20.17.0.1.module+el9.5.0+90443+13059b6a.aarch64.rpm | 77676647083010232eec650f606dfd56 | - | ol9_aarch64_appstream | |
| Oracle Linux 9 (x86_64) | nodejs-20.17.0-1.module+el9.5.0+90443+13059b6a.src.rpm | 49e3c59831b12c430b9da6fcfff4c845 | - | ol9_x86_64_appstream |
| nodejs-nodemon-3.0.1-1.module+el9.3.0+90066+12d4a8d7.src.rpm | 3fe28bb8c8252b7f5f1e279e51adfd48 | - | ol9_x86_64_appstream | |
| nodejs-packaging-2021.06-4.module+el9.3.0+90066+12d4a8d7.src.rpm | e37d0145738296b346cfe198e4e9ccce | - | ol9_x86_64_appstream | |
| nodejs-20.17.0-1.module+el9.5.0+90443+13059b6a.x86_64.rpm | 15f7968e731e661eb3ca8ad3cd9860c2 | - | ol9_x86_64_appstream | |
| nodejs-devel-20.17.0-1.module+el9.5.0+90443+13059b6a.x86_64.rpm | a4de7d07b7b2f3cb818426579a1d0a2e | - | ol9_x86_64_appstream | |
| nodejs-docs-20.17.0-1.module+el9.5.0+90443+13059b6a.noarch.rpm | adb2a66620650b36f07a7cf7f5c9f79d | - | ol9_x86_64_appstream | |
| nodejs-full-i18n-20.17.0-1.module+el9.5.0+90443+13059b6a.x86_64.rpm | 0f2029f0e19593e450675416bb2f19ab | - | ol9_x86_64_appstream | |
| nodejs-nodemon-3.0.1-1.module+el9.3.0+90066+12d4a8d7.noarch.rpm | 86a012348d19c494137e87734c7ca71f | - | ol9_x86_64_appstream | |
| nodejs-packaging-2021.06-4.module+el9.3.0+90066+12d4a8d7.noarch.rpm | 5ac6282aadc35cbd625c1c8d41880326 | - | ol9_x86_64_appstream | |
| nodejs-packaging-bundler-2021.06-4.module+el9.3.0+90066+12d4a8d7.noarch.rpm | 6fd8add20ee095a67f8e667c06bf0d38 | - | ol9_x86_64_appstream | |
| npm-10.8.2-1.20.17.0.1.module+el9.5.0+90443+13059b6a.x86_64.rpm | 1dc7a8aa3d52757c2a99cfda41489008 | - | ol9_x86_64_appstream | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:
- Oracle customers - enter a support request
- Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process
