[ELSA-2020-4272] nodejs:12 security and bug fix update
Severity
Moderate
Affected Packages
7
CVEs
4
nodejs
[1:12.18.4-2]
- Resolves: RHBZ#1883966 - nodejs-devel not installable due to missing brotli
- Some spec fixes
[12.18.4-1]
- Rebase to 12.18.4
nodejs-nodemon
nodejs-packaging
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/npm?distro=oraclelinux-8.2 | < 6.14.6-1.12.18.4.2.module+el8.2.0+7806+0b44ae23 |
pkg:rpm/oraclelinux/nodejs?distro=oraclelinux-8.2 | < 12.18.4-2.module+el8.2.0+7806+0b44ae23 |
pkg:rpm/oraclelinux/nodejs-packaging?distro=oraclelinux-8.1 | < 17-3.module+el8.1.0+5393+aaf413e3 |
pkg:rpm/oraclelinux/nodejs-nodemon?distro=oraclelinux-8.1 | < 1.18.3-1.module+el8.1.0+5393+aaf413e3 |
pkg:rpm/oraclelinux/nodejs-full-i18n?distro=oraclelinux-8.2 | < 12.18.4-2.module+el8.2.0+7806+0b44ae23 |
pkg:rpm/oraclelinux/nodejs-docs?distro=oraclelinux-8.2 | < 12.18.4-2.module+el8.2.0+7806+0b44ae23 |
pkg:rpm/oraclelinux/nodejs-devel?distro=oraclelinux-8.2 | < 12.18.4-2.module+el8.2.0+7806+0b44ae23 |
- ID
- ELSA-2020-4272
- Severity
- moderate
- URL
- https://linux.oracle.com/errata/ELSA-2020-4272.html
- Published
-
2020-10-20T00:00:00
(3 years ago) - Modified
-
2020-10-20T00:00:00
(3 years ago) - Rights
- Copyright 2020 Oracle, Inc.
- Other Advisories
-
- ALAS2-2021-1581
- ALPINE:CVE-2020-8201
- ALPINE:CVE-2020-8252
- ALSA-2020:4272
- ALSA-2021:0548
- ELSA-2021-0548
- FEDORA-2020-43d5a372fc
- FREEBSD:4CA5894C-F7F1-11EA-8FF8-0022489AD614
- GLSA-202009-15
- GLSA-202101-07
- NPM:GHSA-93F3-23RQ-PJFP
- NPM:GHSA-FF7X-QRG7-QGGM
- openSUSE-SU-2020:1616-1
- openSUSE-SU-2020:1644-1
- openSUSE-SU-2020:1660-1
- RHSA-2020:4272
- RHSA-2021:0548
- RLSA-2020:4272
- RLSA-2021:0548
- SUSE-SU-2020:2800-1
- SUSE-SU-2020:2812-1
- SUSE-SU-2020:2813-1
- SUSE-SU-2020:2823-1
- SUSE-SU-2020:2829-1
- SUSE-SU-2020:2870-1
- USN-4548-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2020-4272 | https://linux.oracle.com/errata/ELSA-2020-4272.html | |
CVE | CVE-2020-8252 | https://linux.oracle.com/cve/CVE-2020-8252.html | |
CVE | CVE-2020-15095 | https://linux.oracle.com/cve/CVE-2020-15095.html | |
CVE | CVE-2020-8116 | https://linux.oracle.com/cve/CVE-2020-8116.html | |
CVE | CVE-2020-8201 | https://linux.oracle.com/cve/CVE-2020-8201.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/npm?distro=oraclelinux-8.2 | oraclelinux | npm | < 6.14.6-1.12.18.4.2.module+el8.2.0+7806+0b44ae23 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/nodejs?distro=oraclelinux-8.2 | oraclelinux | nodejs | < 12.18.4-2.module+el8.2.0+7806+0b44ae23 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/nodejs-packaging?distro=oraclelinux-8.1 | oraclelinux | nodejs-packaging | < 17-3.module+el8.1.0+5393+aaf413e3 | oraclelinux-8.1 | ||
Affected | pkg:rpm/oraclelinux/nodejs-nodemon?distro=oraclelinux-8.1 | oraclelinux | nodejs-nodemon | < 1.18.3-1.module+el8.1.0+5393+aaf413e3 | oraclelinux-8.1 | ||
Affected | pkg:rpm/oraclelinux/nodejs-full-i18n?distro=oraclelinux-8.2 | oraclelinux | nodejs-full-i18n | < 12.18.4-2.module+el8.2.0+7806+0b44ae23 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/nodejs-docs?distro=oraclelinux-8.2 | oraclelinux | nodejs-docs | < 12.18.4-2.module+el8.2.0+7806+0b44ae23 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/nodejs-devel?distro=oraclelinux-8.2 | oraclelinux | nodejs-devel | < 12.18.4-2.module+el8.2.0+7806+0b44ae23 | oraclelinux-8.2 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |