Lucene search
OracleLinuxELSA-2020-2852HistoryJul 14, 2020 - 12:00 a.m.
nodejs:12 security update
2020-07-1400:00:00
linux.oracle.com
24
0.022 Low
EPSS
Percentile
89.6%
nodejs
[12.18.2-1]
- Rebase to 12.18.2
[1:12.18.1-1] - Rebase
- Spec clean up
- Provide i18n package, bundle icu
- Resolves: RHBZ#1845310, RHBZ#1845691
[1:12.18.0-1] - Security update to 12.18.0
- Resolves: RHBZ#1845310, RHBZ#1845691
[1:12.16.1-2] - Fix CVE-2020-10531
[1:12.16.1-1] - Resolves: RHBZ#1800395, RHBZ#1800396, RHBZ#1800381
- Rebase to 12.16.1
[1:12.14.1-1] - Rebase to 12.14.1
[1:12.13.1-1] - Resolves: RHBZ# 1773503, update to 12.13.1
- minor clean up and sync with Fedora spec
- turn off debug builds
[1:12.4.0-2] - Resolves:RHBZ#1685191
- Add condition to libs
[1:12.4.0-1] - Update to v12.x
- Add v8-devel and libs subpackages from fedora
[1:10.14.1-2] - move nodejs-packaging BR out of conditional
[1:10.14.1-1] - Resolves: RHBZ#1644207
- fixes node-gyp permissions
- rebase
[1:10.11.0-2] - BuildRequire nodejs-packaging for proper npm dependency generation
- Resolves: rhbz#1615947
[1:10.11.0-1] - Rebase to 10.11.0
- Import changes from fedora
- Resolves: rhbz#1621766
[1:10.7.0-5] - Import sources from fedora
- Allow using python2 at %build and %install
- turn off debug for aarch64
[1:10.7.0-4] - Fix npm upgrade scriptlet
- Fix unexpected trailing .1 in npm release field
[1:10.7.0-3] - Restore annotations to binaries
- Fix unexpected trailing .1 in release field
[1:10.7.0-2] - Update to 10.7.0
- https://nodejs.org/en/blog/release/v10.7.0/
- https://nodejs.org/en/blog/release/v10.6.0/
[1:10.5.0-1.1] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
[1:10.5.0-1] - Update to 10.5.0
- https://nodejs.org/en/blog/release/v10.5.0/
[1:10.4.1-1] - Update to 10.4.1 to address security issues
- https://nodejs.org/en/blog/release/v10.4.1/
- Resolves: rhbz#1590801
- Resolves: rhbz#1591014
- Resolves: rhbz#1591019
[1:10.4.0-1] - Update to 10.4.0
- https://nodejs.org/en/blog/release/v10.4.0/
[1:10.3.0-1] - Update to 10.3.0
- Update npm to 6.1.0
- https://nodejs.org/en/blog/release/v10.3.0/
[1:10.2.1-2] - Fix up bare ‘python’ to be python2
- Drop redundant entry in docs section
[1:10.2.1-1] - Update to 10.2.1
- https://nodejs.org/en/blog/release/v10.2.1/
[1:10.2.0-1] - Update to 10.2.0
- https://nodejs.org/en/blog/release/v10.2.0/
[1:10.1.0-3] - Fix incorrect rpm macro
[1:10.1.0-2] - Include upstream v8 fix for ppc64[le]
- Disable debug build on ppc64[le] and s390x
[1:10.1.0-1] - Update to 10.1.0
- https://nodejs.org/en/blog/release/v10.1.0/
- Reenable node_g binary
[1:10.0.0-1] - Update to 10.0.0
- https://nodejs.org/en/blog/release/v10.0.0/
- Drop workaround patch
- Temporarily drop node_g binary due to
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85587
[1:9.11.1-2] - Use standard Fedora linker flags (bug #1543859)
[1:9.11.1-1] - Update to 9.11.1
- https://nodejs.org/en/blog/release/v9.11.0/
- https://nodejs.org/en/blog/release/v9.11.1/
[1:9.10.0-1] - Update to 9.10.0
- https://nodejs.org/en/blog/release/v9.10.0/
[1:9.9.0-1] - Update to 9.9.0
- https://nodejs.org/en/blog/release/v9.9.0/
[1:9.8.0-1] - Update to 9.8.0
- https://nodejs.org/en/blog/release/v9.8.0/
[1:9.7.0-1] - Update to 9.7.0
- https://nodejs.org/en/blog/release/v9.7.0/
- Work around F28 build issue
[1:9.6.1-1] - Update to 9.6.1
- https://nodejs.org/en/blog/release/v9.6.1/
- https://nodejs.org/en/blog/release/v9.6.0/
[1:9.5.0-1] - Package Node.js 9.5.0
[1:8.9.4-2] - Fix incorrect Requires:
[1:8.9.4-1] - Update to 8.9.4
- https://nodejs.org/en/blog/release/v8.9.4/
- Switch to system copy of nghttp2
[1:8.9.3-2] - Update to 8.9.3
- https://nodejs.org/en/blog/release/v8.9.3/
- https://nodejs.org/en/blog/release/v8.9.2/
[1:8.9.1-2] - Rebuild for ICU 60.1
[1:8.9.1-1] - Update to 8.9.1
[1:8.9.0-1] - Update to 8.9.0
- Drop upstreamed patch
[1:8.8.1-1] - Update to 8.8.1 to fix a regression
[1:8.8.0-1] - Security update to 8.8.0
- https://nodejs.org/en/blog/release/v8.8.0/
[1:8.7.0-1] - Update to 8.7.0
- https://nodejs.org/en/blog/release/v8.7.0/
[1:8.6.0-2] - Use bcond macro instead of bootstrap conditional
[1:8.6.0-1] - Fix nghttp2 version
- Update to 8.6.0
- https://nodejs.org/en/blog/release/v8.6.0/
[1:8.5.0-3] - Build with bootstrap + bundle libuv for modularity
- backport patch for aarch64 debug build
[1:8.5.0-2] - Disable debug builds on aarch64 due to https://github.com/nodejs/node/issues/15395
[1:8.5.0-1] - Update to v8.5.0
- https://nodejs.org/en/blog/release/v8.5.0/
[1:8.4.0-2] - Refactor openssl BR
[1:8.4.0-1] - Update to v8.4.0
- https://nodejs.org/en/blog/release/v8.4.0/
- http2 is now supported, add bundled nghttp2
- remove openssl 1.0.1 patches, we won’t be using them in fedora
[1:8.3.0-1] - Update to v8.3.0
- https://nodejs.org/en/blog/release/v8.3.0/
- update V8 to 6.0
- update minimal gcc and g++ requirements to 4.9.4
[1:8.2.1-2] - Bump release to fix broken dependencies
[1:8.2.1-1.2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
[1:8.2.1-1.1] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
[1:8.2.1-1] - Update to v8.2.1
- https://nodejs.org/en/blog/release/v8.2.1/
[1:8.2.0-1] - Update to v8.2.0
- https://nodejs.org/en/blog/release/v8.2.0/
- Update npm to 5.3.0
- Adds npx command
[1:8.1.4-3] - s/BuildRequires/Requires/ for http-parser-devel%{?_isa}
[1:8.1.4-2] - Rename python-devel to python2-devel
- own %{_pkgdocdir}/npm
[1:8.1.4-1] - Update to v8.1.4
- https://nodejs.org/en/blog/release/v8.1.4/
- Drop upstreamed c-ares patch
[1:8.1.3-1] - Update to v8.1.3
- https://nodejs.org/en/blog/release/v8.1.3/
[1:8.1.2-1] - Update to v8.1.2
- remove GCC 7 patch, as it is now fixed in node >= 6.12
nodejs-nodemon
nodejs-packaging
Related
nessus
nessus
RHEL 7 : rh-nodejs12-nodejs (RHSA-2020:2895)
2023-01-23 00:00:00
RHEL 8 : nodejs:12 (RHSA-2020:2847)
2020-07-07 00:00:00
Oracle Linux 8 : nodejs:12 (ELSA-2020-2852)
2020-08-13 00:00:00
redhat
redhat
(RHSA-2020:2895) Important: rh-nodejs12-nodejs security update
2020-07-13 10:17:39
(RHSA-2020:2852) Important: nodejs:12 security update
2020-07-07 08:52:35
(RHSA-2020:2847) Important: nodejs:12 security update
2020-07-07 08:51:11
osv
osv
Important: nodejs:12 security update
2020-07-07 08:52:35
Important: nodejs:12 security update
2020-07-07 08:52:35
Important: nodejs:10 security update
2020-07-07 08:51:24
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:1606-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:1575-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:1568-1)
2021-04-19 00:00:00
ibm
ibm
freebsd
freebsd
Node.js -- June 2020 Security Releases
2020-06-02 00:00:00
almalinux
almalinux
Important: nodejs:12 security update
2020-07-07 08:52:35
Important: nodejs:10 security update
2020-07-07 08:51:24
Important: icu security update
2020-03-19 10:43:49
oraclelinux
oraclelinux
nodejs:10 security update
2020-07-14 00:00:00
nodejs:12 security update
2020-04-02 00:00:00
icu security update
2020-03-19 00:00:00
rocky
rocky
nodejs:12 security update
2020-07-07 08:52:35
nodejs:10 security update
2020-07-07 08:51:24
icu security update
2020-03-19 10:43:49
nodejsblog
nodejsblog
June 2020 Security Releases
2020-06-02 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package node version 14.4.0-alt1
2020-06-19 00:00:00
Security fix for the ALT Linux 10 package node version 14.4.0-alt1
2020-06-19 00:00:00
suse
suse
Security update for nodejs8 (critical)
2020-06-13 00:00:00
Security update for icu (important)
2020-04-06 00:00:00
debian
debian
[SECURITY] [DSA 4696-1] nodejs security update
2020-06-06 11:06:13
[SECURITY] [DSA 4646-1] icu security update
2020-03-25 16:27:53
[SECURITY] [DLA 2151-1] icu security update
2020-03-20 12:16:16
ics
ics
Hitachi Energy e-mesh EMS
2022-03-31 12:00:00
debiancve
debiancve
CVE-2020-8172
2020-06-08 14:15:13
CVE-2020-10531
2020-03-12 19:15:13
redhatcve
redhatcve
hackerone
hackerone
Node.js: Node.js: TLS session reuse can lead to hostname verification bypass
2020-03-05 17:30:12
cve
cve
CVE-2020-8172
2020-06-08 14:15:13
nvd
nvd
ubuntucve
ubuntucve
CVE-2020-8172
2020-06-08 00:00:00
CVE-2020-11080
2020-06-03 00:00:00
alpinelinux
alpinelinux
github
github
Prototype Pollution in minimist
2020-04-03 21:48:32
prion
prion
Design/Logic Flaw
2020-03-11 23:15:00
Design/Logic Flaw
2020-06-08 14:15:00
Security feature bypass
2020-06-03 23:15:00
amazon
amazon
Medium: icu
2020-04-20 20:34:00
centos
centos
icu, libicu security update
2020-03-25 19:16:31
icu, libicu security update
2020-03-25 19:22:01
veracode
veracode
Prototype Pollution
2020-03-12 05:22:55
Hostname Verification Bypass
2020-06-09 02:53:46
Remote Code Execution (RCE)
2020-07-14 02:35:29
cvelist
cvelist
CVE-2020-8172
2020-06-08 13:08:16
CVE-2020-11080 Denial of service in nghttp2
2020-06-03 00:00:00
CVE-2020-10531
2020-03-12 18:09:40
ubuntu
ubuntu
ICU vulnerability
2020-03-17 00:00:00
nghttp2 vulnerability
2023-06-06 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-11080 affecting package nghttp2 1.33.0-3
2020-11-30 19:30:42
f5
f5
K51197241 : ICU vulnerability CVE-2020-10531
2020-04-08 00:00:00
mageia
mageia
Updated nghttp2 packages fix security vulnerability
2020-06-11 02:59:36
cloudfoundry
cloudfoundry
USN-4305-1: ICU vulnerability | Cloud Foundry
2020-04-08 00:00:00