ELSA-2024-1444

ULN >
Oracle Linux Errata repository >
ELSA-2024-1444

ELSA-2024-1444 - nodejs:16 security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2024-03-21

Description

nodejs
[1:16.20.2-4.0.1]
- reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks
Resolves: CVE-2024-22019

nodejs-nodemon
nodejs-packaging
[26-1]
- nodejs.prov: find namespaced bundled dependencies
- Apply https://src.fedoraproject.org/rpms/nodejs-packaging/c/e24e7df

Related CVEs

CVE-2023-44487

CVE-2024-22019

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	nodejs-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.src.rpm	ff8364877cc9a9d448ecdec187f5bdc2de4468bf7964b6315983e02dea42c561	-	ol8_aarch64_appstream
	nodejs-nodemon-3.0.1-1.module+el8.9.0+90185+b2d3b544.src.rpm	8448903991e20ad466e974cbf1cf1842960e82e1a37a7ed2fc8b736f87986703	-	ol8_aarch64_appstream
	nodejs-packaging-26-1.module+el8.9.0+90185+b2d3b544.src.rpm	538ad464043236ee29bd9b842082f2a0ec16734e4492d68a4862db493e8eda53	-	ol8_aarch64_appstream
	nodejs-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.aarch64.rpm	4ebb8a6391b54ce89f9f19a699c0e1ba807ee6e3dd17d4103c8ac7d14b77dc28	-	ol8_aarch64_appstream
	nodejs-devel-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.aarch64.rpm	137bd238d236a4b02be6cdb0aebf788b0ab46521ade790b1620e662f15135c6b	-	ol8_aarch64_appstream
	nodejs-docs-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.noarch.rpm	56d4ff06fd472e5819828f9b734910347d4b8456ce4d6ab3e851b75ee181f34d	-	ol8_aarch64_appstream
	nodejs-full-i18n-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.aarch64.rpm	7d3dbff08093d2311ea4cab9d0a47cd1decdb658546449476e7f35c5f34928ab	-	ol8_aarch64_appstream
	nodejs-nodemon-3.0.1-1.module+el8.9.0+90185+b2d3b544.noarch.rpm	644d386d9e8cfe07cd3d70b4344ff3ea0436a5ff2c3c801d1b2a539b4fddbd9c	-	ol8_aarch64_appstream
	nodejs-packaging-26-1.module+el8.9.0+90185+b2d3b544.noarch.rpm	8cda391dac6943bfb65ad1b67a72a82cd751c4f2907f6de4c96610935fd20051	-	ol8_aarch64_appstream
	npm-8.19.4-1.16.20.2.4.0.1.module+el8.9.0+90185+b2d3b544.aarch64.rpm	af9314153b36dbba7b23cd86ec071f4c712a809079673290ff237c2fc16fb5dd	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	nodejs-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.src.rpm	ff8364877cc9a9d448ecdec187f5bdc2de4468bf7964b6315983e02dea42c561	-	ol8_x86_64_appstream
	nodejs-nodemon-3.0.1-1.module+el8.9.0+90185+b2d3b544.src.rpm	8448903991e20ad466e974cbf1cf1842960e82e1a37a7ed2fc8b736f87986703	-	ol8_x86_64_appstream
	nodejs-packaging-26-1.module+el8.9.0+90185+b2d3b544.src.rpm	538ad464043236ee29bd9b842082f2a0ec16734e4492d68a4862db493e8eda53	-	ol8_x86_64_appstream
	nodejs-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.x86_64.rpm	989632ab1dec14c3f138ac995f0388b6439c6ce8cfaf0702a0b2bafcdcd5443a	-	ol8_x86_64_appstream
	nodejs-devel-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.x86_64.rpm	0729f2639ce7432ccbf156c5891f10427887d88975897bdecbe540f2403483ea	-	ol8_x86_64_appstream
	nodejs-docs-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.noarch.rpm	56d4ff06fd472e5819828f9b734910347d4b8456ce4d6ab3e851b75ee181f34d	-	ol8_x86_64_appstream
	nodejs-full-i18n-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.x86_64.rpm	a29b5ba34ae85ca439218661550df2f706bdf9c6f1fbc9475058dc3fca20b745	-	ol8_x86_64_appstream
	nodejs-nodemon-3.0.1-1.module+el8.9.0+90185+b2d3b544.noarch.rpm	644d386d9e8cfe07cd3d70b4344ff3ea0436a5ff2c3c801d1b2a539b4fddbd9c	-	ol8_x86_64_appstream
	nodejs-packaging-26-1.module+el8.9.0+90185+b2d3b544.noarch.rpm	8cda391dac6943bfb65ad1b67a72a82cd751c4f2907f6de4c96610935fd20051	-	ol8_x86_64_appstream
	npm-8.19.4-1.16.20.2.4.0.1.module+el8.9.0+90185+b2d3b544.x86_64.rpm	1798405a2adbc04892d54cb6821f3a4963c696b5a931d1718f1a235e44ce1a81	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691