ELSA-2020-2852
- ULN >
- Oracle Linux Errata repository >
- ELSA-2020-2852
ELSA-2020-2852 - nodejs:12 security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2020-07-14 |
Description
nodejs
[12.18.2-1]
- Rebase to 12.18.2
[1:12.18.1-1]
- Rebase
- Spec clean up
- Provide i18n package, bundle icu
- Resolves: RHBZ#1845310, RHBZ#1845691
[1:12.18.0-1]
- Security update to 12.18.0
- Resolves: RHBZ#1845310, RHBZ#1845691
[1:12.16.1-2]
- Fix CVE-2020-10531
[1:12.16.1-1]
- Resolves: RHBZ#1800395, RHBZ#1800396, RHBZ#1800381
- Rebase to 12.16.1
[1:12.14.1-1]
- Rebase to 12.14.1
[1:12.13.1-1]
- Resolves: RHBZ# 1773503, update to 12.13.1
- minor clean up and sync with Fedora spec
- turn off debug builds
[1:12.4.0-2]
- Resolves:RHBZ#1685191
- Add condition to libs
[1:12.4.0-1]
- Update to v12.x
- Add v8-devel and libs subpackages from fedora
[1:10.14.1-2]
- move nodejs-packaging BR out of conditional
[1:10.14.1-1]
- Resolves: RHBZ#1644207
- fixes node-gyp permissions
- rebase
[1:10.11.0-2]
- BuildRequire nodejs-packaging for proper npm dependency generation
- Resolves: rhbz#1615947
[1:10.11.0-1]
- Rebase to 10.11.0
- Import changes from fedora
- Resolves: rhbz#1621766
[1:10.7.0-5]
- Import sources from fedora
- Allow using python2 at %build and %install
- turn off debug for aarch64
[1:10.7.0-4]
- Fix npm upgrade scriptlet
- Fix unexpected trailing .1 in npm release field
[1:10.7.0-3]
- Restore annotations to binaries
- Fix unexpected trailing .1 in release field
[1:10.7.0-2]
- Update to 10.7.0
- https://nodejs.org/en/blog/release/v10.7.0/
- https://nodejs.org/en/blog/release/v10.6.0/
[1:10.5.0-1.1]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
[1:10.5.0-1]
- Update to 10.5.0
- https://nodejs.org/en/blog/release/v10.5.0/
[1:10.4.1-1]
- Update to 10.4.1 to address security issues
- https://nodejs.org/en/blog/release/v10.4.1/
- Resolves: rhbz#1590801
- Resolves: rhbz#1591014
- Resolves: rhbz#1591019
[1:10.4.0-1]
- Update to 10.4.0
- https://nodejs.org/en/blog/release/v10.4.0/
[1:10.3.0-1]
- Update to 10.3.0
- Update npm to 6.1.0
- https://nodejs.org/en/blog/release/v10.3.0/
[1:10.2.1-2]
- Fix up bare 'python' to be python2
- Drop redundant entry in docs section
[1:10.2.1-1]
- Update to 10.2.1
- https://nodejs.org/en/blog/release/v10.2.1/
[1:10.2.0-1]
- Update to 10.2.0
- https://nodejs.org/en/blog/release/v10.2.0/
[1:10.1.0-3]
- Fix incorrect rpm macro
[1:10.1.0-2]
- Include upstream v8 fix for ppc64[le]
- Disable debug build on ppc64[le] and s390x
[1:10.1.0-1]
- Update to 10.1.0
- https://nodejs.org/en/blog/release/v10.1.0/
- Reenable node_g binary
[1:10.0.0-1]
- Update to 10.0.0
- https://nodejs.org/en/blog/release/v10.0.0/
- Drop workaround patch
- Temporarily drop node_g binary due to
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85587
[1:9.11.1-2]
- Use standard Fedora linker flags (bug #1543859)
[1:9.11.1-1]
- Update to 9.11.1
- https://nodejs.org/en/blog/release/v9.11.0/
- https://nodejs.org/en/blog/release/v9.11.1/
[1:9.10.0-1]
- Update to 9.10.0
- https://nodejs.org/en/blog/release/v9.10.0/
[1:9.9.0-1]
- Update to 9.9.0
- https://nodejs.org/en/blog/release/v9.9.0/
[1:9.8.0-1]
- Update to 9.8.0
- https://nodejs.org/en/blog/release/v9.8.0/
[1:9.7.0-1]
- Update to 9.7.0
- https://nodejs.org/en/blog/release/v9.7.0/
- Work around F28 build issue
[1:9.6.1-1]
- Update to 9.6.1
- https://nodejs.org/en/blog/release/v9.6.1/
- https://nodejs.org/en/blog/release/v9.6.0/
[1:9.5.0-1]
- Package Node.js 9.5.0
[1:8.9.4-2]
- Fix incorrect Requires:
[1:8.9.4-1]
- Update to 8.9.4
- https://nodejs.org/en/blog/release/v8.9.4/
- Switch to system copy of nghttp2
[1:8.9.3-2]
- Update to 8.9.3
- https://nodejs.org/en/blog/release/v8.9.3/
- https://nodejs.org/en/blog/release/v8.9.2/
[1:8.9.1-2]
- Rebuild for ICU 60.1
[1:8.9.1-1]
- Update to 8.9.1
[1:8.9.0-1]
- Update to 8.9.0
- Drop upstreamed patch
[1:8.8.1-1]
- Update to 8.8.1 to fix a regression
[1:8.8.0-1]
- Security update to 8.8.0
- https://nodejs.org/en/blog/release/v8.8.0/
[1:8.7.0-1]
- Update to 8.7.0
- https://nodejs.org/en/blog/release/v8.7.0/
[1:8.6.0-2]
- Use bcond macro instead of bootstrap conditional
[1:8.6.0-1]
- Fix nghttp2 version
- Update to 8.6.0
- https://nodejs.org/en/blog/release/v8.6.0/
[1:8.5.0-3]
- Build with bootstrap + bundle libuv for modularity
- backport patch for aarch64 debug build
[1:8.5.0-2]
- Disable debug builds on aarch64 due to https://github.com/nodejs/node/issues/15395
[1:8.5.0-1]
- Update to v8.5.0
- https://nodejs.org/en/blog/release/v8.5.0/
[1:8.4.0-2]
- Refactor openssl BR
[1:8.4.0-1]
- Update to v8.4.0
- https://nodejs.org/en/blog/release/v8.4.0/
- http2 is now supported, add bundled nghttp2
- remove openssl 1.0.1 patches, we won't be using them in fedora
[1:8.3.0-1]
- Update to v8.3.0
- https://nodejs.org/en/blog/release/v8.3.0/
- update V8 to 6.0
- update minimal gcc and g++ requirements to 4.9.4
[1:8.2.1-2]
- Bump release to fix broken dependencies
[1:8.2.1-1.2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
[1:8.2.1-1.1]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
[1:8.2.1-1]
- Update to v8.2.1
- https://nodejs.org/en/blog/release/v8.2.1/
[1:8.2.0-1]
- Update to v8.2.0
- https://nodejs.org/en/blog/release/v8.2.0/
- Update npm to 5.3.0
- Adds npx command
[1:8.1.4-3]
- s/BuildRequires/Requires/ for http-parser-devel%{?_isa}
[1:8.1.4-2]
- Rename python-devel to python2-devel
- own %{_pkgdocdir}/npm
[1:8.1.4-1]
- Update to v8.1.4
- https://nodejs.org/en/blog/release/v8.1.4/
- Drop upstreamed c-ares patch
[1:8.1.3-1]
- Update to v8.1.3
- https://nodejs.org/en/blog/release/v8.1.3/
[1:8.1.2-1]
- Update to v8.1.2
- remove GCC 7 patch, as it is now fixed in node >= 6.12
nodejs-nodemon
nodejs-packaging
Related CVEs
| CVE-2020-8174 |
| CVE-2020-8172 |
| CVE-2020-11080 |
| CVE-2020-7598 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 8 (aarch64) | nodejs-12.18.2-1.module+el8.2.0+7636+541a18d0.src.rpm | 63b98b6db4e35e97a3816302c3a25cd1ce6ea180c02dca3f40b74aea3b725838 | - | ol8_aarch64_appstream |
| nodejs-nodemon-1.18.3-1.module+el8.1.0+5393+aaf413e3.src.rpm | 1fb6bbfbaf7433384a4b13d7254304fa99935dfff49ae0f62ac45290c01d24bd | - | ol8_aarch64_appstream | |
| nodejs-12.18.2-1.module+el8.2.0+7636+541a18d0.aarch64.rpm | 96e6995ffe4cdc1fc2242c77e5e247c5c5cafbc827657f5890bc936a319428ce | - | ol8_aarch64_appstream | |
| nodejs-devel-12.18.2-1.module+el8.2.0+7636+541a18d0.aarch64.rpm | 0f66c50d01eb619284ca399f96e45b703bacb17713a1ec16de0a0026b0a0613e | - | ol8_aarch64_appstream | |
| nodejs-docs-12.18.2-1.module+el8.2.0+7636+541a18d0.noarch.rpm | 907ab9c6a3d879817a9ad8107f6fb9c072981d036de01487ee554fc56fcc749d | - | ol8_aarch64_appstream | |
| nodejs-full-i18n-12.18.2-1.module+el8.2.0+7636+541a18d0.aarch64.rpm | 0630a1f9d42fa2e21091e6380cb3cc75b6c6c8dabf2630797b2393f6a7520f50 | - | ol8_aarch64_appstream | |
| nodejs-nodemon-1.18.3-1.module+el8.1.0+5393+aaf413e3.noarch.rpm | 3974b5540dc73364204000b6d0141377988365485f445a9da09636901164655a | - | ol8_aarch64_appstream | |
| nodejs-packaging-17-3.module+el8.1.0+5393+aaf413e3.noarch.rpm | c4e0a30750b0b0858c40f7cf5781b79e413fc312e797933f022048457657e3d0 | - | ol8_aarch64_appstream | |
| nodejs-packaging-17-3.module+el8.1.0+5393+aaf413e3.noarch.rpm | c4e0a30750b0b0858c40f7cf5781b79e413fc312e797933f022048457657e3d0 | - | ol8_aarch64_appstream_developer | |
| npm-6.14.5-1.12.18.2.1.module+el8.2.0+7636+541a18d0.aarch64.rpm | c73c127305c166d36ae324252f1d1e5aa76d302eec3b3e1ffa2ad354d879031b | - | ol8_aarch64_appstream | |
| Oracle Linux 8 (x86_64) | nodejs-12.18.2-1.module+el8.2.0+7636+541a18d0.src.rpm | 63b98b6db4e35e97a3816302c3a25cd1ce6ea180c02dca3f40b74aea3b725838 | - | ol8_x86_64_appstream |
| nodejs-nodemon-1.18.3-1.module+el8.1.0+5393+aaf413e3.src.rpm | 1fb6bbfbaf7433384a4b13d7254304fa99935dfff49ae0f62ac45290c01d24bd | - | ol8_x86_64_appstream | |
| nodejs-12.18.2-1.module+el8.2.0+7636+541a18d0.x86_64.rpm | 2abe4e7dc3a39a8866b4d53e539647ddf0acc261d77700733dce315caacf0ab6 | - | ol8_x86_64_appstream | |
| nodejs-devel-12.18.2-1.module+el8.2.0+7636+541a18d0.x86_64.rpm | 41d67abf2eb6c60f73aadd653aa968d49d3bbd6b91be5cb80f2726fc32aebcb6 | - | ol8_x86_64_appstream | |
| nodejs-docs-12.18.2-1.module+el8.2.0+7636+541a18d0.noarch.rpm | 907ab9c6a3d879817a9ad8107f6fb9c072981d036de01487ee554fc56fcc749d | - | ol8_x86_64_appstream | |
| nodejs-full-i18n-12.18.2-1.module+el8.2.0+7636+541a18d0.x86_64.rpm | 6dabea35774668cec06f04ddd909af5acaa17ae3821817ebf4842f2ded270ee7 | - | ol8_x86_64_appstream | |
| nodejs-nodemon-1.18.3-1.module+el8.1.0+5393+aaf413e3.noarch.rpm | 3974b5540dc73364204000b6d0141377988365485f445a9da09636901164655a | - | ol8_x86_64_appstream | |
| nodejs-packaging-17-3.module+el8.1.0+5393+aaf413e3.noarch.rpm | c4e0a30750b0b0858c40f7cf5781b79e413fc312e797933f022048457657e3d0 | - | ol8_x86_64_appstream | |
| nodejs-packaging-17-3.module+el8.1.0+5393+aaf413e3.noarch.rpm | c4e0a30750b0b0858c40f7cf5781b79e413fc312e797933f022048457657e3d0 | - | ol8_x86_64_appstream_developer | |
| npm-6.14.5-1.12.18.2.1.module+el8.2.0+7636+541a18d0.x86_64.rpm | 6661e4f4497aef414ff06df674bf48ba3a31c9ad29fd40399088bad10a3b540f | - | ol8_x86_64_appstream | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
