1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2020:0059-1

[SUSE-SU-2020:0059-1] Security update for nodejs12

Severity Moderate
CVEs 9
Info References Vulnerabilities

Security update for nodejs12

This update for nodejs12 fixes the following issues:

Update to LTS release 12.13.0 (jsc#SLE-8947).

Security issues fixed:

  • CVE-2019-9511: Fixed the HTTP/2 implementation that was vulnerable to window size manipulations (bsc#1146091).
  • CVE-2019-9512: Fixed the HTTP/2 implementation that was vulnerable to floods using PING frames (bsc#1146099).
  • CVE-2019-9513: Fixed the HTTP/2 implementation that was vulnerable to resource loops, potentially leading to a denial of service (bsc#1146094).
  • CVE-2019-9514: Fixed the HTTP/2 implementation that was vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095).
  • CVE-2019-9515: Fixed the HTTP/2 implementation that was vulnerable to a SETTINGS frame flood (bsc#1146100).
  • CVE-2019-9516: Fixed the HTTP/2 implementation that was vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090).
  • CVE-2019-9517: Fixed the HTTP/2 implementation that was vulnerable to unconstrained interal data buffering (bsc#1146097).
  • CVE-2019-9518: Fixed the HTTP/2 implementation that was vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093).
  • CVE-2019-13173: Fixed a file overwrite in the fstream.DirWriter() function (bsc#1140290).
ID
SUSE-SU-2020:0059-1
Severity
moderate
URL
https://www.suse.com/support/update/announcement/2020/suse-su-20200059-1/
Published
2020-01-09T12:30:16
(4 years ago)
Modified
2020-01-09T12:30:16
(4 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_0059-1.json
Suse URL for SUSE-SU-2020:0059-1 https://www.suse.com/support/update/announcement/2020/suse-su-20200059-1/
Suse E-Mail link for SUSE-SU-2020:0059-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006320.html
Bugzilla SUSE Bug 1140290 https://bugzilla.suse.com/1140290
Bugzilla SUSE Bug 1146090 https://bugzilla.suse.com/1146090
Bugzilla SUSE Bug 1146091 https://bugzilla.suse.com/1146091
Bugzilla SUSE Bug 1146093 https://bugzilla.suse.com/1146093
Bugzilla SUSE Bug 1146094 https://bugzilla.suse.com/1146094
Bugzilla SUSE Bug 1146095 https://bugzilla.suse.com/1146095
Bugzilla SUSE Bug 1146097 https://bugzilla.suse.com/1146097
Bugzilla SUSE Bug 1146099 https://bugzilla.suse.com/1146099
Bugzilla SUSE Bug 1146100 https://bugzilla.suse.com/1146100
Bugzilla SUSE Bug 1149792 https://bugzilla.suse.com/1149792
CVE SUSE CVE CVE-2019-13173 page https://www.suse.com/security/cve/CVE-2019-13173/
CVE SUSE CVE CVE-2019-9511 page https://www.suse.com/security/cve/CVE-2019-9511/
CVE SUSE CVE CVE-2019-9512 page https://www.suse.com/security/cve/CVE-2019-9512/
CVE SUSE CVE CVE-2019-9513 page https://www.suse.com/security/cve/CVE-2019-9513/
CVE SUSE CVE CVE-2019-9514 page https://www.suse.com/security/cve/CVE-2019-9514/
CVE SUSE CVE CVE-2019-9515 page https://www.suse.com/security/cve/CVE-2019-9515/
CVE SUSE CVE CVE-2019-9516 page https://www.suse.com/security/cve/CVE-2019-9516/
CVE SUSE CVE CVE-2019-9517 page https://www.suse.com/security/cve/CVE-2019-9517/
CVE SUSE CVE CVE-2019-9518 page https://www.suse.com/security/cve/CVE-2019-9518/
Suse SUSE Bug SLE-8947 https://bugzilla.suse.com/SLE-8947
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date