[ELSA-2020-4272] nodejs:12 security and bug fix update

Severity Moderate

Affected Packages 7

CVEs 4

nodejs
[1:12.18.4-2]
- Resolves: RHBZ#1883966 - nodejs-devel not installable due to missing brotli
- Some spec fixes

[12.18.4-1]
- Rebase to 12.18.4

nodejs-nodemon
nodejs-packaging

Package	Affected Version
pkg:rpm/oraclelinux/npm?distro=oraclelinux-8.2	< 6.14.6-1.12.18.4.2.module+el8.2.0+7806+0b44ae23
pkg:rpm/oraclelinux/nodejs?distro=oraclelinux-8.2	< 12.18.4-2.module+el8.2.0+7806+0b44ae23
pkg:rpm/oraclelinux/nodejs-packaging?distro=oraclelinux-8.1	< 17-3.module+el8.1.0+5393+aaf413e3
pkg:rpm/oraclelinux/nodejs-nodemon?distro=oraclelinux-8.1	< 1.18.3-1.module+el8.1.0+5393+aaf413e3
pkg:rpm/oraclelinux/nodejs-full-i18n?distro=oraclelinux-8.2	< 12.18.4-2.module+el8.2.0+7806+0b44ae23
pkg:rpm/oraclelinux/nodejs-docs?distro=oraclelinux-8.2	< 12.18.4-2.module+el8.2.0+7806+0b44ae23
pkg:rpm/oraclelinux/nodejs-devel?distro=oraclelinux-8.2	< 12.18.4-2.module+el8.2.0+7806+0b44ae23

ID

ELSA-2020-4272

Severity

moderate

URL

https://linux.oracle.com/errata/ELSA-2020-4272.html

Published

2020-10-20T00:00:00
(3 years ago)

Modified

2020-10-20T00:00:00
(3 years ago)

Rights

Other Advisories

Source	# ID	URL
elsa	ELSA-2020-4272	https://linux.oracle.com/errata/ELSA-2020-4272.html
CVE	CVE-2020-8252	https://linux.oracle.com/cve/CVE-2020-8252.html
CVE	CVE-2020-15095	https://linux.oracle.com/cve/CVE-2020-15095.html
CVE	CVE-2020-8116	https://linux.oracle.com/cve/CVE-2020-8116.html
CVE	CVE-2020-8201	https://linux.oracle.com/cve/CVE-2020-8201.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/oraclelinux/npm?distro=oraclelinux-8.2	oraclelinux	npm	< 6.14.6-1.12.18.4.2.module+el8.2.0+7806+0b44ae23	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/nodejs?distro=oraclelinux-8.2	oraclelinux	nodejs	< 12.18.4-2.module+el8.2.0+7806+0b44ae23	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/nodejs-packaging?distro=oraclelinux-8.1	oraclelinux	nodejs-packaging	< 17-3.module+el8.1.0+5393+aaf413e3	oraclelinux-8.1
Affected	pkg:rpm/oraclelinux/nodejs-nodemon?distro=oraclelinux-8.1	oraclelinux	nodejs-nodemon	< 1.18.3-1.module+el8.1.0+5393+aaf413e3	oraclelinux-8.1
Affected	pkg:rpm/oraclelinux/nodejs-full-i18n?distro=oraclelinux-8.2	oraclelinux	nodejs-full-i18n	< 12.18.4-2.module+el8.2.0+7806+0b44ae23	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/nodejs-docs?distro=oraclelinux-8.2	oraclelinux	nodejs-docs	< 12.18.4-2.module+el8.2.0+7806+0b44ae23	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/nodejs-devel?distro=oraclelinux-8.2	oraclelinux	nodejs-devel	< 12.18.4-2.module+el8.2.0+7806+0b44ae23	oraclelinux-8.2

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date