ELSA-2023-3586

ELSA-2023-3586 - nodejs security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2023-06-15

Description


[1:16.19.1-2]
- Update bundled c-ares to 1.19.1
Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067

[1:16.19.1-1]
- Rebase to 16.19.1
- Resolves: rhbz#2153714
- Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920
- Resolves: CVE-2022-25881 CVE-2022-4904

[1:16.18.1-3]
- Update sources of undici WASM blobs
Resolves: rhbz#2151617

[1:16.18.1-2]
- Add back libs and v8-devel subpackages
- Related: RHBZ#2121126
- Record previously fixed CVE
- Resolves: CVE-2021-44906

[1:16.18.1-1]
- Rebase + CVEs
- Resolves: #2142808
- Resolves: #2142826, #2131745, #2142855

[16.17.1-1]
- Rebase to version 16.17.1
Resolves: CVE-2022-35255 CVE-2022-35256

[16.16.0-1]
- Rebase to version 16.16.0
Resolves: RHBZ#2106290
Resolves: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215
Resolves: CVE-2022-29244

[16.14.0-5]
- Decouple dependency bundling from bootstrapping


Related CVEs


CVE-2023-31124
CVE-2023-32067
CVE-2023-31147
CVE-2023-31130

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) nodejs-16.19.1-2.el9_2.src.rpmbe15e61921dbab7a03d5c6acc769147fba945723ee04581700303498b7ba5eb7-ol9_aarch64_appstream
nodejs-16.19.1-2.el9_2.aarch64.rpme824da257f9a2d2f759db86e90e07db7a5e7c8cdc748fc02acff4019cd99841e-ol9_aarch64_appstream
nodejs-docs-16.19.1-2.el9_2.noarch.rpm40ba07d3eab34a9d76dd4354ce25da555d081dd2bfb7dc6182cc31519f070cc7-ol9_aarch64_appstream
nodejs-full-i18n-16.19.1-2.el9_2.aarch64.rpm6c536655b23403ac84ecaa54859e2cb981c552346d839f8d374bdcbe062a2cf7-ol9_aarch64_appstream
nodejs-libs-16.19.1-2.el9_2.aarch64.rpm1aa34d31e1bbae70b194471b0427fae17d1ddb67b1621d447f6aacf32324e716-ol9_aarch64_appstream
npm-8.19.3-1.16.19.1.2.el9_2.aarch64.rpm227596b1f3eb2f45c8a05fa9ce2bc88765d17ec621086c7ae8d8dfc51347bfe4-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) nodejs-16.19.1-2.el9_2.src.rpmbe15e61921dbab7a03d5c6acc769147fba945723ee04581700303498b7ba5eb7-ol9_x86_64_appstream
nodejs-16.19.1-2.el9_2.x86_64.rpm21169e81704637b285edf354390928424a735cea7222cd04cc3a094102336344-ol9_x86_64_appstream
nodejs-docs-16.19.1-2.el9_2.noarch.rpm40ba07d3eab34a9d76dd4354ce25da555d081dd2bfb7dc6182cc31519f070cc7-ol9_x86_64_appstream
nodejs-full-i18n-16.19.1-2.el9_2.x86_64.rpm4a146652472a25f3e47af8ad1a30b3717a657ee633b14846eab0cfc01a953443-ol9_x86_64_appstream
nodejs-libs-16.19.1-2.el9_2.i686.rpm5d822542610db3604a2b5d1d496d557a9f2c7288fdfd3fc141610cfed2ae1957-ol9_x86_64_appstream
nodejs-libs-16.19.1-2.el9_2.x86_64.rpmc9c390ac0e960cfa5127d688923af332a9b979ecf74348f938c5309fd452be83-ol9_x86_64_appstream
npm-8.19.3-1.16.19.1.2.el9_2.x86_64.rpm61a86a75597bc20e22baa31f97fb74c6d47f462303eaf69cfa68957cde091d32-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete