ELSA-2023-3586

ULN >
Oracle Linux Errata repository >
ELSA-2023-3586

ELSA-2023-3586 - nodejs security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-06-15

Description

[1:16.19.1-2]
- Update bundled c-ares to 1.19.1
Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067

[1:16.19.1-1]
- Rebase to 16.19.1
- Resolves: rhbz#2153714
- Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920
- Resolves: CVE-2022-25881 CVE-2022-4904

[1:16.18.1-3]
- Update sources of undici WASM blobs
Resolves: rhbz#2151617

[1:16.18.1-2]
- Add back libs and v8-devel subpackages
- Related: RHBZ#2121126
- Record previously fixed CVE
- Resolves: CVE-2021-44906

[1:16.18.1-1]
- Rebase + CVEs
- Resolves: #2142808
- Resolves: #2142826, #2131745, #2142855

[16.17.1-1]
- Rebase to version 16.17.1
Resolves: CVE-2022-35255 CVE-2022-35256

[16.16.0-1]
- Rebase to version 16.16.0
Resolves: RHBZ#2106290
Resolves: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215
Resolves: CVE-2022-29244

[16.14.0-5]
- Decouple dependency bundling from bootstrapping

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	nodejs-16.19.1-2.el9_2.src.rpm	be15e61921dbab7a03d5c6acc769147fba945723ee04581700303498b7ba5eb7	-	ol9_aarch64_appstream
	nodejs-16.19.1-2.el9_2.aarch64.rpm	e824da257f9a2d2f759db86e90e07db7a5e7c8cdc748fc02acff4019cd99841e	-	ol9_aarch64_appstream
	nodejs-docs-16.19.1-2.el9_2.noarch.rpm	40ba07d3eab34a9d76dd4354ce25da555d081dd2bfb7dc6182cc31519f070cc7	-	ol9_aarch64_appstream
	nodejs-full-i18n-16.19.1-2.el9_2.aarch64.rpm	6c536655b23403ac84ecaa54859e2cb981c552346d839f8d374bdcbe062a2cf7	-	ol9_aarch64_appstream
	nodejs-libs-16.19.1-2.el9_2.aarch64.rpm	1aa34d31e1bbae70b194471b0427fae17d1ddb67b1621d447f6aacf32324e716	-	ol9_aarch64_appstream
	npm-8.19.3-1.16.19.1.2.el9_2.aarch64.rpm	227596b1f3eb2f45c8a05fa9ce2bc88765d17ec621086c7ae8d8dfc51347bfe4	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	nodejs-16.19.1-2.el9_2.src.rpm	be15e61921dbab7a03d5c6acc769147fba945723ee04581700303498b7ba5eb7	-	ol9_x86_64_appstream
	nodejs-16.19.1-2.el9_2.x86_64.rpm	21169e81704637b285edf354390928424a735cea7222cd04cc3a094102336344	-	ol9_x86_64_appstream
	nodejs-docs-16.19.1-2.el9_2.noarch.rpm	40ba07d3eab34a9d76dd4354ce25da555d081dd2bfb7dc6182cc31519f070cc7	-	ol9_x86_64_appstream
	nodejs-full-i18n-16.19.1-2.el9_2.x86_64.rpm	4a146652472a25f3e47af8ad1a30b3717a657ee633b14846eab0cfc01a953443	-	ol9_x86_64_appstream
	nodejs-libs-16.19.1-2.el9_2.i686.rpm	5d822542610db3604a2b5d1d496d557a9f2c7288fdfd3fc141610cfed2ae1957	-	ol9_x86_64_appstream
	nodejs-libs-16.19.1-2.el9_2.x86_64.rpm	c9c390ac0e960cfa5127d688923af332a9b979ecf74348f938c5309fd452be83	-	ol9_x86_64_appstream
	npm-8.19.3-1.16.19.1.2.el9_2.x86_64.rpm	61a86a75597bc20e22baa31f97fb74c6d47f462303eaf69cfa68957cde091d32	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691