ELSA-2024-1444

ELSA-2024-1444 - nodejs:16 security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2024-03-21

Description

nodejs
[1:16.20.2-4.0.1]
- reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks
Resolves: CVE-2024-22019

nodejs-nodemon
nodejs-packaging
[26-1]
- nodejs.prov: find namespaced bundled dependencies
- Apply https://src.fedoraproject.org/rpms/nodejs-packaging/c/e24e7df

Related CVEs

CVE-2023-44487

CVE-2024-22019

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label
Oracle Linux 8 (aarch64)	nodejs-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.src.rpm	8c3b9acb19d49e0fbdd2df4c563a4ae6	-	ol8_aarch64_appstream
	nodejs-nodemon-3.0.1-1.module+el8.9.0+90185+b2d3b544.src.rpm	47c8327129b215fb3700bb638f6bb22f	-	ol8_aarch64_appstream
	nodejs-packaging-26-1.module+el8.9.0+90185+b2d3b544.src.rpm	509470e0709259f694d33c507a1fa221	-	ol8_aarch64_appstream
	nodejs-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.aarch64.rpm	a0de9fc990d9b268de23e6bebe89f311	-	ol8_aarch64_appstream
	nodejs-devel-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.aarch64.rpm	1a5b8b03f38bba054c0d038272d8134f	-	ol8_aarch64_appstream
	nodejs-docs-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.noarch.rpm	904fb87fdb6db0b65cfed4fdfc0488af	-	ol8_aarch64_appstream
	nodejs-full-i18n-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.aarch64.rpm	8bce39c5063c801095b010f6baaf7b1f	-	ol8_aarch64_appstream
	nodejs-nodemon-3.0.1-1.module+el8.9.0+90185+b2d3b544.noarch.rpm	b36391b3350dfa3b633c942c075d12bd	-	ol8_aarch64_appstream
	nodejs-packaging-26-1.module+el8.9.0+90185+b2d3b544.noarch.rpm	6bdf46075fd8127344129d6d53818f22	-	ol8_aarch64_appstream
	npm-8.19.4-1.16.20.2.4.0.1.module+el8.9.0+90185+b2d3b544.aarch64.rpm	80ba6972626fed9989bdcdc2fb1629e3	-	ol8_aarch64_appstream
Oracle Linux 8 (x86_64)	nodejs-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.src.rpm	8c3b9acb19d49e0fbdd2df4c563a4ae6	-	ol8_x86_64_appstream
	nodejs-nodemon-3.0.1-1.module+el8.9.0+90185+b2d3b544.src.rpm	47c8327129b215fb3700bb638f6bb22f	-	ol8_x86_64_appstream
	nodejs-packaging-26-1.module+el8.9.0+90185+b2d3b544.src.rpm	509470e0709259f694d33c507a1fa221	-	ol8_x86_64_appstream
	nodejs-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.x86_64.rpm	3ad42aef79a130a8dd1891aca39bcf2a	-	ol8_x86_64_appstream
	nodejs-devel-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.x86_64.rpm	b9801620059123e6e8392a7b3e07a349	-	ol8_x86_64_appstream
	nodejs-docs-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.noarch.rpm	904fb87fdb6db0b65cfed4fdfc0488af	-	ol8_x86_64_appstream
	nodejs-full-i18n-16.20.2-4.0.1.module+el8.9.0+90185+b2d3b544.x86_64.rpm	d32de722ae2e33629155f4abe5f9230b	-	ol8_x86_64_appstream
	nodejs-nodemon-3.0.1-1.module+el8.9.0+90185+b2d3b544.noarch.rpm	b36391b3350dfa3b633c942c075d12bd	-	ol8_x86_64_appstream
	nodejs-packaging-26-1.module+el8.9.0+90185+b2d3b544.noarch.rpm	6bdf46075fd8127344129d6d53818f22	-	ol8_x86_64_appstream
	npm-8.19.4-1.16.20.2.4.0.1.module+el8.9.0+90185+b2d3b544.x86_64.rpm	7d5a0922c697c9b01e727ac01fe430e3	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team