Stay Connected:

ELSA-2023-0321

ELSA-2023-0321 - nodejs and nodejs-nodemon security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2023-01-24

Description


nodejs
[1:16.18.1-3]
- Update sources of undici WASM blobs
Resolves: rhbz#2151617

[1:16.18.1-2]
- Add back libs and v8-devel subpackages
- Related: RHBZ#2121126
- Record previously fixed CVE
- Resolves: CVE-2021-44906

[1:16.18.1-1]
- Rebase + CVEs
- Resolves: #2142808
- Resolves: #2142826, #2131745, #2142855

nodejs-nodemon
[2.0.20-2]
- Record CVE fixed in the current or previous upstream versions
- Resolves: CVE-2021-44906


Related CVEs


CVE-2022-43548
CVE-2022-35256
CVE-2021-44906
CVE-2022-3517

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 9 (aarch64) nodejs-16.18.1-3.el9_1.src.rpm9dec58e19b69dae71faa7354139067b0-
nodejs-nodemon-2.0.20-2.el9_1.src.rpm89594bea1ea4c69434fd30b3be7b6a84-
nodejs-16.18.1-3.el9_1.aarch64.rpm91b1a518a06bd90ece2ce91c301aef83-
nodejs-docs-16.18.1-3.el9_1.noarch.rpm09c1d4eb1aa59e778b0755ccc710c639-
nodejs-full-i18n-16.18.1-3.el9_1.aarch64.rpmf43c46b9e3d94da0bc13d1bc9db1d776-
nodejs-libs-16.18.1-3.el9_1.aarch64.rpmd68234a121515ef7dd06e094f2e2319c-
nodejs-nodemon-2.0.20-2.el9_1.noarch.rpm8b93fe73e4e95e14339826c50c294bcd-
npm-8.19.2-1.16.18.1.3.el9_1.aarch64.rpmf9f6ceccda4f2169fe4b79ad2375fc63-
Oracle Linux 9 (x86_64) nodejs-16.18.1-3.el9_1.src.rpm9dec58e19b69dae71faa7354139067b0-
nodejs-nodemon-2.0.20-2.el9_1.src.rpm89594bea1ea4c69434fd30b3be7b6a84-
nodejs-16.18.1-3.el9_1.x86_64.rpm886796b2fe7d7152df5d93dbd8ae8c7d-
nodejs-docs-16.18.1-3.el9_1.noarch.rpm09c1d4eb1aa59e778b0755ccc710c639-
nodejs-full-i18n-16.18.1-3.el9_1.x86_64.rpm0f889640cf5d4a0701c2bb83f6790993-
nodejs-libs-16.18.1-3.el9_1.i686.rpmcaf23384df5c13504c4142f6d8ee46ff-
nodejs-libs-16.18.1-3.el9_1.x86_64.rpm66650bbab3ec73306ad8ebe09f3c7dd0-
nodejs-nodemon-2.0.20-2.el9_1.noarch.rpm8b93fe73e4e95e14339826c50c294bcd-
npm-8.19.2-1.16.18.1.3.el9_1.x86_64.rpmbc8c8283656325536b7f197a13a17a14-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights