Stay Connected:

ELSA-2021-5171

ELSA-2021-5171 - nodejs:16 security, bug fix, and enhancement update

Type:SECURITY
Impact:MODERATE
Release Date:2021-12-16

Description


nodejs
[16.13.1-3.0.1]
- Libraries must not be group-writeable. Change node-gyp permission to 0755 [Orabug: 28451433]

[1:16.13.1-3]
- Resolves: RHBZ#2027610
- Add corepack to spec

[1:16.13.1-2]
- Resolves: RHBZ#2027610
- Update npm version test

[1:16.13.1-1]
- Resolves: RHBZ#2027644, RHBZ#2027643, RHBZ#2027638, RHBZ#2027633
- Resolves: RHBZ#2027610
- Rebase to LTS release and to fix multiple low and medium CVEs

nodejs-nodemon
[2.0.15-1]
- Resolves: RHBZ#2027630
- Resolves CVE-2020-28469
- Rebase to newest version
- Change source to npmjs.com


Related CVEs


CVE-2020-7788
CVE-2021-22959
CVE-2020-28469
CVE-2021-3807
CVE-2021-22960
CVE-2021-33502
CVE-2021-3918

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) nodejs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.src.rpm53ebb7751375f19b34b63ecc43049a1f9a0b564e8580dae98e82b26a794821c1-ol8_aarch64_appstream
nodejs-nodemon-2.0.15-1.module+el8.5.0+20457+52828f44.src.rpm165ee843e8ec3aac7f05991c9b34c41b20fe967193d61c38d839d93aaae6c195-ol8_aarch64_appstream
nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.src.rpm28d8e57cabfa2374fbd4821d4bf257670c650b89368e95e0472f4cac879f2979-ol8_aarch64_appstream
nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.src.rpm28d8e57cabfa2374fbd4821d4bf257670c650b89368e95e0472f4cac879f2979-ol8_aarch64_appstream_developer
nodejs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.aarch64.rpm22b5dcbf22d26585b3a33c5fb64cb095dda50162bb3fe9a8193b83747f4d1a32-ol8_aarch64_appstream
nodejs-devel-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.aarch64.rpm830edb21340c777862da83e40455eca046a55e76f22b5bf3e02e3204e2661fe8-ol8_aarch64_appstream
nodejs-docs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.noarch.rpm85be8e9cde4a0415542ed58455081f1bdc4390300829d2ff4d74a6be49bb8aed-ol8_aarch64_appstream
nodejs-full-i18n-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.aarch64.rpmed498b0adb52200eaa7d0b97bc1b94bfee4a91434e85f9103cc154cc291598c7-ol8_aarch64_appstream
nodejs-nodemon-2.0.15-1.module+el8.5.0+20457+52828f44.noarch.rpma0ba54f55befb8ff7309f92a296acce883a8a6e52cd18af2b86ae7fc29db2cf0-ol8_aarch64_appstream
nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.noarch.rpm5034499d0ea8988fc020bcbfd5950844d643e437f8265b14f5721bdc3a71278f-ol8_aarch64_appstream
nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.noarch.rpm5034499d0ea8988fc020bcbfd5950844d643e437f8265b14f5721bdc3a71278f-ol8_aarch64_appstream_developer
npm-8.1.2-1.16.13.1.3.0.1.module+el8.5.0+20457+52828f44.aarch64.rpm89098cb4517d6c32f84c4bc6e11973e516e8ee115cc307e9c4ac74892fb9a0b2-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) nodejs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.src.rpm53ebb7751375f19b34b63ecc43049a1f9a0b564e8580dae98e82b26a794821c1-ol8_x86_64_appstream
nodejs-nodemon-2.0.15-1.module+el8.5.0+20457+52828f44.src.rpm165ee843e8ec3aac7f05991c9b34c41b20fe967193d61c38d839d93aaae6c195-ol8_x86_64_appstream
nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.src.rpm28d8e57cabfa2374fbd4821d4bf257670c650b89368e95e0472f4cac879f2979-ol8_x86_64_appstream
nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.src.rpm28d8e57cabfa2374fbd4821d4bf257670c650b89368e95e0472f4cac879f2979-ol8_x86_64_appstream_developer
nodejs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpm2acc5e7598621bece6107e6e8c52aff08b5eba48ca4ace883705fddbab037ae7-ol8_x86_64_appstream
nodejs-devel-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpm2627ec51849f9a330394f59a68b81de3e5b9fa30c5638b9c4bd8178a92a3c66e-ol8_x86_64_appstream
nodejs-docs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.noarch.rpm85be8e9cde4a0415542ed58455081f1bdc4390300829d2ff4d74a6be49bb8aed-ol8_x86_64_appstream
nodejs-full-i18n-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpm05038911ef3dde0b2dc32e0bbb8856918746ec4058c558d33cee6f498b6fd7ce-ol8_x86_64_appstream
nodejs-nodemon-2.0.15-1.module+el8.5.0+20457+52828f44.noarch.rpma0ba54f55befb8ff7309f92a296acce883a8a6e52cd18af2b86ae7fc29db2cf0-ol8_x86_64_appstream
nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.noarch.rpm5034499d0ea8988fc020bcbfd5950844d643e437f8265b14f5721bdc3a71278f-ol8_x86_64_appstream
nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.noarch.rpm5034499d0ea8988fc020bcbfd5950844d643e437f8265b14f5721bdc3a71278f-ol8_x86_64_appstream_developer
npm-8.1.2-1.16.13.1.3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpma82e35323546eaddeba60af20e2e8f4d54c025b04f0fbb8cf60a0c843ea3d53f-ol8_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights