Lucene search
OracleLinuxELSA-2020-1317HistoryApr 15, 2020 - 12:00 a.m.
nodejs:10 security update
2020-04-1500:00:00
linux.oracle.com
44
EPSS
0.078
Percentile
94.3%
nodejs
[1:10.19.0-2]
- Resolves: RHBZ#1811498
[1:10.19.0-1] - Rebase to 10.19.0 to fix CVE-2019-15604 to CVE-2019-15606
[1:10.16.3-1] - Rebase to 10.16.3 to fix CVE-2019-9511 to CVE-2019-9518
[1:10.14.1-1] - Resolves: RHBZ#1644207
- fixes node-gyp permissions
- rebase
[1:10.11.0-2] - BuildRequire nodejs-packaging for proper npm dependency generation
- Resolves: rhbz#1615947
[1:10.11.0-1] - Rebase to 10.11.0
- Import changes from fedora
- Resolves: rhbz#1621766
[1:10.7.0-5] - Import sources from fedora
- Allow using python2 at %build and %install
- turn off debug for aarch64
[1:10.7.0-4] - Fix npm upgrade scriptlet
- Fix unexpected trailing .1 in npm release field
[1:10.7.0-3] - Restore annotations to binaries
- Fix unexpected trailing .1 in release field
[1:10.7.0-2] - Update to 10.7.0
- https://nodejs.org/en/blog/release/v10.7.0/
- https://nodejs.org/en/blog/release/v10.6.0/
[1:10.5.0-1.1] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
[1:10.5.0-1] - Update to 10.5.0
- https://nodejs.org/en/blog/release/v10.5.0/
[1:10.4.1-1] - Update to 10.4.1 to address security issues
- https://nodejs.org/en/blog/release/v10.4.1/
- Resolves: rhbz#1590801
- Resolves: rhbz#1591014
- Resolves: rhbz#1591019
[1:10.4.0-1] - Update to 10.4.0
- https://nodejs.org/en/blog/release/v10.4.0/
[1:10.3.0-1] - Update to 10.3.0
- Update npm to 6.1.0
- https://nodejs.org/en/blog/release/v10.3.0/
[1:10.2.1-2] - Fix up bare ‘python’ to be python2
- Drop redundant entry in docs section
[1:10.2.1-1] - Update to 10.2.1
- https://nodejs.org/en/blog/release/v10.2.1/
[1:10.2.0-1] - Update to 10.2.0
- https://nodejs.org/en/blog/release/v10.2.0/
[1:10.1.0-3] - Fix incorrect rpm macro
[1:10.1.0-2] - Include upstream v8 fix for ppc64[le]
- Disable debug build on ppc64[le] and s390x
[1:10.1.0-1] - Update to 10.1.0
- https://nodejs.org/en/blog/release/v10.1.0/
- Reenable node_g binary
[1:10.0.0-1] - Update to 10.0.0
- https://nodejs.org/en/blog/release/v10.0.0/
- Drop workaround patch
- Temporarily drop node_g binary due to
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85587
[1:9.11.1-2] - Use standard Fedora linker flags (bug #1543859)
[1:9.11.1-1] - Update to 9.11.1
- https://nodejs.org/en/blog/release/v9.11.0/
- https://nodejs.org/en/blog/release/v9.11.1/
[1:9.10.0-1] - Update to 9.10.0
- https://nodejs.org/en/blog/release/v9.10.0/
[1:9.9.0-1] - Update to 9.9.0
- https://nodejs.org/en/blog/release/v9.9.0/
[1:9.8.0-1] - Update to 9.8.0
- https://nodejs.org/en/blog/release/v9.8.0/
[1:9.7.0-1] - Update to 9.7.0
- https://nodejs.org/en/blog/release/v9.7.0/
- Work around F28 build issue
[1:9.6.1-1] - Update to 9.6.1
- https://nodejs.org/en/blog/release/v9.6.1/
- https://nodejs.org/en/blog/release/v9.6.0/
[1:9.5.0-1] - Package Node.js 9.5.0
[1:8.9.4-2] - Fix incorrect Requires:
[1:8.9.4-1] - Update to 8.9.4
- https://nodejs.org/en/blog/release/v8.9.4/
- Switch to system copy of nghttp2
[1:8.9.3-2] - Update to 8.9.3
- https://nodejs.org/en/blog/release/v8.9.3/
- https://nodejs.org/en/blog/release/v8.9.2/
[1:8.9.1-2] - Rebuild for ICU 60.1
[1:8.9.1-1] - Update to 8.9.1
[1:8.9.0-1] - Update to 8.9.0
- Drop upstreamed patch
[1:8.8.1-1] - Update to 8.8.1 to fix a regression
[1:8.8.0-1] - Security update to 8.8.0
- https://nodejs.org/en/blog/release/v8.8.0/
[1:8.7.0-1] - Update to 8.7.0
- https://nodejs.org/en/blog/release/v8.7.0/
[1:8.6.0-2] - Use bcond macro instead of bootstrap conditional
[1:8.6.0-1] - Fix nghttp2 version
- Update to 8.6.0
- https://nodejs.org/en/blog/release/v8.6.0/
[1:8.5.0-3] - Build with bootstrap + bundle libuv for modularity
- backport patch for aarch64 debug build
[1:8.5.0-2] - Disable debug builds on aarch64 due to https://github.com/nodejs/node/issues/15395
[1:8.5.0-1] - Update to v8.5.0
- https://nodejs.org/en/blog/release/v8.5.0/
[1:8.4.0-2] - Refactor openssl BR
[1:8.4.0-1] - Update to v8.4.0
- https://nodejs.org/en/blog/release/v8.4.0/
- http2 is now supported, add bundled nghttp2
- remove openssl 1.0.1 patches, we won’t be using them in fedora
[1:8.3.0-1] - Update to v8.3.0
- https://nodejs.org/en/blog/release/v8.3.0/
- update V8 to 6.0
- update minimal gcc and g++ requirements to 4.9.4
[1:8.2.1-2] - Bump release to fix broken dependencies
[1:8.2.1-1.2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
[1:8.2.1-1.1] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
[1:8.2.1-1] - Update to v8.2.1
- https://nodejs.org/en/blog/release/v8.2.1/
[1:8.2.0-1] - Update to v8.2.0
- https://nodejs.org/en/blog/release/v8.2.0/
- Update npm to 5.3.0
- Adds npx command
[1:8.1.4-3] - s/BuildRequires/Requires/ for http-parser-devel%{?_isa}
[1:8.1.4-2] - Rename python-devel to python2-devel
- own %{_pkgdocdir}/npm
[1:8.1.4-1] - Update to v8.1.4
- https://nodejs.org/en/blog/release/v8.1.4/
- Drop upstreamed c-ares patch
[1:8.1.3-1] - Update to v8.1.3
- https://nodejs.org/en/blog/release/v8.1.3/
[1:8.1.2-1] - Update to v8.1.2
- remove GCC 7 patch, as it is now fixed in node >= 6.12
nodejs-nodemon
nodejs-packaging
Related
nessus
nessus
SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2020:0454-1)
2020-02-26 00:00:00
RHEL 8 : nodejs:12 (RHSA-2020:0598)
2020-02-26 00:00:00
SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2020:0488-1)
2020-02-27 00:00:00
osv
osv
Important: nodejs:12 security update
2020-02-25 13:06:23
Important: nodejs:12 security update
2020-02-25 13:06:23
nodejs - security update
2020-04-29 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:0455-1)
2021-04-19 00:00:00
Elastic Kibana < 6.8.7, 7.x < 7.6.1 Multiple Vulnerabilities in Node.js (ESA-2020-01) - Linux
2021-01-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0454-1)
2021-04-19 00:00:00
ibm
ibm
oraclelinux
oraclelinux
nodejs:12 security update
2020-02-26 00:00:00
nodejs:10 security update
2020-02-26 00:00:00
icu security update
2020-03-19 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2020-0060
2020-02-23 00:00:00
Critical Photon OS Security Update - PHSA-2020-3.0-0060
2020-02-23 00:00:00
debian
debian
[SECURITY] [DSA 4669-1] nodejs security update
2020-04-29 21:05:57
[SECURITY] [DLA 2151-1] icu security update
2020-03-20 12:16:16
[SECURITY] [DSA 4646-1] icu security update
2020-03-25 16:27:53
freebsd
freebsd
Node.js -- multiple vulnerabilities
2020-02-06 00:00:00
nodejsblog
nodejsblog
February 2020 Security Releases
2020-02-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package node version 13.8.0-alt1
2020-02-11 00:00:00
Security fix for the ALT Linux 9 package node version 13.8.0-alt1
2020-02-11 00:00:00
suse
suse
Security update for nodejs8 (important)
2020-03-03 00:00:00
Security update for icu (important)
2020-04-06 00:00:00
rocky
rocky
nodejs:12 security update
2020-02-25 13:06:23
icu security update
2020-03-19 10:43:49
nodejs:10 security update
2020-04-06 07:21:40
almalinux
almalinux
Important: nodejs:12 security update
2020-02-25 13:06:23
Important: nodejs:10 security update
2020-04-06 07:21:40
Important: nodejs:12 security update
2020-04-02 07:23:16
redhat
redhat
(RHSA-2020:0598) Important: nodejs:12 security update
2020-02-25 13:06:23
(RHSA-2020:1343) Important: nodejs:10 security update
2020-04-07 07:01:50
(RHSA-2020:1293) Important: nodejs:12 security update
2020-04-02 07:23:16
hackerone
hackerone
Node.js: Remotely trigger an assertion on a TLS server with a malformed certificate string
2019-11-26 16:10:02
Node.js: HTTP header values do not have trailing OWS trimmed
2019-11-06 17:46:12
cvelist
cvelist
CVE-2019-15604
2020-02-07 14:57:07
CVE-2019-15606
2020-02-07 14:58:08
prion
prion
Authorization
2020-02-07 15:15:00
Input validation
2020-02-07 15:15:00
Design/Logic Flaw
2019-08-13 21:15:00
ubuntucve
ubuntucve
debiancve
debiancve
redhatcve
redhatcve
nvd
nvd
cve
cve
veracode
veracode
Denial Of Service (DoS)
2020-02-10 03:28:33
Authorization Bypass
2020-02-10 06:22:36
Denial Of Service (DoS)
2019-10-01 00:17:28
alpinelinux
alpinelinux
symantec
symantec
Microsoft Windows 'HTTP.sys' CVE-2019-9518 Denial of Service Vulnerability
2019-08-13 00:00:00
Microsoft Windows 'HTTP.sys' CVE-2019-9511 Denial of Service Vulnerability
2019-08-13 00:00:00
centos
centos
icu, libicu security update
2020-03-25 19:22:01
icu, libicu security update
2020-03-25 19:16:31
ubuntu
ubuntu
ICU vulnerability
2020-03-17 00:00:00
gentoo
gentoo
ICU: Integer overflow
2020-03-15 00:00:00
f5
f5
K46011592 : HTTP/2 Empty Frames Flood vulnerability CVE-2019-9518
2019-08-20 00:00:00
K51197241 : ICU vulnerability CVE-2020-10531
2020-04-08 00:00:00
mscve
mscve
HTTP/2 Server Denial of Service Vulnerability
2019-08-13 07:00:00
amazon
amazon
Medium: icu
2020-04-20 20:34:00
Important: icu
2020-05-05 01:13:00
cloudfoundry
cloudfoundry
USN-4305-1: ICU vulnerability | Cloud Foundry
2020-04-08 00:00:00