ELSA-2026-35891

ELSA-2026-35891 - nodejs:24 security, bug fix, and enhancement update

Type:SECURITY
Impact:IMPORTANT
Release Date:2026-07-07

Description


nodejs
[1:24.18.0-1]
- Update to version 24.18.0

nodejs-nodemon
[3.0.3-3]
- Keep BR on just npm

[3.0.3-2]
- Fix BR for nodejs-npm

nodejs-packaging
[2021.06-6]
- Properly handle @group/package deps in nodejs-symlink-deps
Resolves: RHEL-121569

[2021.06-5]
- nodejs.req to properly detect bundled deps


Related CVEs


CVE-2026-11525
CVE-2026-12151
CVE-2026-42338
CVE-2026-48615
CVE-2026-48618
CVE-2026-48619
CVE-2026-48928
CVE-2026-48930
CVE-2026-48933
CVE-2026-48934
CVE-2026-48935
CVE-2026-6733
CVE-2026-6734
CVE-2026-9678
CVE-2026-9697

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) nodejs-24.18.0-1.module+el9.8.0+90946+13dc792a.src.rpme274fdde3e5dde2b69265ab084be0711920012c2f291d969dc29011a80f79a88-ol9_aarch64_appstream
nodejs-nodemon-3.0.3-3.module+el9.8.0+90946+13dc792a.src.rpmd5612f68eaa69d56ce181833b0ae674291b1f9c89289b78c7a1b326571038bd9-ol9_aarch64_appstream
nodejs-packaging-2021.06-6.module+el9.8.0+90946+13dc792a.src.rpm3e609d717f6038e78b086b242cb7a67b2f08e537d00372eed01295497a369686-ol9_aarch64_appstream
nodejs-24.18.0-1.module+el9.8.0+90946+13dc792a.aarch64.rpmd1058f32d93ad7740b579e3b3fce74ef94ad455e6c6e6f9152dcba35c8761b02-ol9_aarch64_appstream
nodejs-devel-24.18.0-1.module+el9.8.0+90946+13dc792a.aarch64.rpm8a6c23bee9e88eb7ec5931080cc87db977fb9afbd9a2f22c14ddedd00a99d1c0-ol9_aarch64_appstream
nodejs-docs-24.18.0-1.module+el9.8.0+90946+13dc792a.noarch.rpmc77a13af68d12a339c16a013ee916e241bd9ae2b2f6bc5cf4f8f29a08d33fc2e-ol9_aarch64_appstream
nodejs-full-i18n-24.18.0-1.module+el9.8.0+90946+13dc792a.aarch64.rpm07bf90f2f2dea1f2157e55a521cd9215a493813d3d342c279cb80dbd9917544c-ol9_aarch64_appstream
nodejs-libs-24.18.0-1.module+el9.8.0+90946+13dc792a.aarch64.rpm2cfe833c24dbd558cfb85a120f52a1143fe0db499f77cf6157033531871b2c72-ol9_aarch64_appstream
nodejs-nodemon-3.0.3-3.module+el9.8.0+90946+13dc792a.noarch.rpm5ab85e7166302c12025441d91569ef535004424a9cb1c2cafe7a20bafb184f9c-ol9_aarch64_appstream
nodejs-packaging-2021.06-6.module+el9.8.0+90946+13dc792a.noarch.rpm485f612fb14ad0dcc61fe2dbbe427fa78b59cb9350946740bc1cbe504b657546-ol9_aarch64_appstream
nodejs-packaging-bundler-2021.06-6.module+el9.8.0+90946+13dc792a.noarch.rpm498c5fb6cf7e4834b23849a0ef21f8286407866600f75fd3a69330f548fcbf28-ol9_aarch64_appstream
npm-11.16.0-1.24.18.0.1.module+el9.8.0+90946+13dc792a.noarch.rpm49031e2b9e3e739466490b8bcb835287f673e38ba6f17e3e3d6c5f49638026bd-ol9_aarch64_appstream
v8-13.6-devel-13.6.233.17-1.24.18.0.1.module+el9.8.0+90946+13dc792a.aarch64.rpmb26d6445a34e2d3408a6b8e2a6c1bcb91667b0755456f55be44c27e6b94387d7-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) nodejs-24.18.0-1.module+el9.8.0+90946+13dc792a.src.rpme274fdde3e5dde2b69265ab084be0711920012c2f291d969dc29011a80f79a88-ol9_x86_64_appstream
nodejs-nodemon-3.0.3-3.module+el9.8.0+90946+13dc792a.src.rpmd5612f68eaa69d56ce181833b0ae674291b1f9c89289b78c7a1b326571038bd9-ol9_x86_64_appstream
nodejs-packaging-2021.06-6.module+el9.8.0+90946+13dc792a.src.rpm3e609d717f6038e78b086b242cb7a67b2f08e537d00372eed01295497a369686-ol9_x86_64_appstream
nodejs-24.18.0-1.module+el9.8.0+90946+13dc792a.x86_64.rpm920a6a0930dac2e135d22ac9063c944f9f63de16e6f5dc7400bf83aca4f6efd5-ol9_x86_64_appstream
nodejs-devel-24.18.0-1.module+el9.8.0+90946+13dc792a.x86_64.rpmba0af7fb4168f0fc798e704226d791d74acba43a3211eeb974e7be0197b81ec1-ol9_x86_64_appstream
nodejs-docs-24.18.0-1.module+el9.8.0+90946+13dc792a.noarch.rpmc77a13af68d12a339c16a013ee916e241bd9ae2b2f6bc5cf4f8f29a08d33fc2e-ol9_x86_64_appstream
nodejs-full-i18n-24.18.0-1.module+el9.8.0+90946+13dc792a.x86_64.rpma9eb42712e8de9a146d26bd8337f22cf631966790099198015de841547493028-ol9_x86_64_appstream
nodejs-libs-24.18.0-1.module+el9.8.0+90946+13dc792a.x86_64.rpm9bbebfe614f9535ed41cbd5afb1c2bd60963f275cd61f39118663b60c6d44798-ol9_x86_64_appstream
nodejs-nodemon-3.0.3-3.module+el9.8.0+90946+13dc792a.noarch.rpm5ab85e7166302c12025441d91569ef535004424a9cb1c2cafe7a20bafb184f9c-ol9_x86_64_appstream
nodejs-packaging-2021.06-6.module+el9.8.0+90946+13dc792a.noarch.rpm485f612fb14ad0dcc61fe2dbbe427fa78b59cb9350946740bc1cbe504b657546-ol9_x86_64_appstream
nodejs-packaging-bundler-2021.06-6.module+el9.8.0+90946+13dc792a.noarch.rpm498c5fb6cf7e4834b23849a0ef21f8286407866600f75fd3a69330f548fcbf28-ol9_x86_64_appstream
npm-11.16.0-1.24.18.0.1.module+el9.8.0+90946+13dc792a.noarch.rpm49031e2b9e3e739466490b8bcb835287f673e38ba6f17e3e3d6c5f49638026bd-ol9_x86_64_appstream
v8-13.6-devel-13.6.233.17-1.24.18.0.1.module+el9.8.0+90946+13dc792a.x86_64.rpmd007224c28ef9f4fd3e8c8951d4016378e43abf767e2c8afef26bfc07e9727cd-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete