[SUSE-SU-2023:1923-1] Security update for nodejs16
Severity
Important
Affected Packages
13
CVEs
1
Security update for nodejs16
This update for nodejs16 fixes the following issues:
Update to nodejs LTS version 16.20.0:
Security fixes:
- CVE-2022-25881: Fixed ReDoS vulnerability in http-cache-semantics (bsc#1208744).
Other changes:
- update undici to 5.20.0
- update c-ares to 1.19.0
- update npm to 8.19.4
- ID
- SUSE-SU-2023:1923-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20231923-1/
- Published
-
2023-04-20T06:58:38
(17 months ago) - Modified
-
2023-04-20T06:58:38
(17 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALSA-2023:1582
-
ALSA-2023:1583
-
ALSA-2023:1743
-
ALSA-2023:2654
-
ALSA-2023:2655
-
ELSA-2023-1582
-
ELSA-2023-1583
-
ELSA-2023-1743
-
ELSA-2023-2654
-
ELSA-2023-2655
-
MAVEN:GHSA-RC47-6667-2J5J
-
NPM:GHSA-RC47-6667-2J5J
-
RHSA-2023:1582
-
RHSA-2023:1583
-
RHSA-2023:1743
-
RHSA-2023:2654
-
RHSA-2023:2655
-
RLSA-2023:2655
-
SUSE-SU-2023:1871-1
-
SUSE-SU-2023:1872-1
-
SUSE-SU-2023:1875-1
-
SUSE-SU-2023:1876-1
-
SUSE-SU-2023:1924-1
-
SUSE-SU-2023:1942-1
-
SUSE-SU-2023:2662-1
-
SUSE-SU-2023:2669-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2023:1923-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2023:1923-1 |
|
|
| Bugzilla | SUSE Bug 1208744 |
|
|
| CVE | SUSE CVE CVE-2022-25881 page |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/npm16?arch=x86_64&distro=sles-15&sp=3 | suse |
 npm16
|
< 16.20.0-150300.7.21.2 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/npm16?arch=s390x&distro=sles-15&sp=3 | suse |
npm16
|
< 16.20.0-150300.7.21.2 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/npm16?arch=ppc64le&distro=sles-15&sp=3 | suse |
npm16
|
< 16.20.0-150300.7.21.2 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/npm16?arch=aarch64&distro=sles-15&sp=3 | suse |
npm16
|
< 16.20.0-150300.7.21.2 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/nodejs16?arch=x86_64&distro=sles-15&sp=3 | suse |
nodejs16
|
< 16.20.0-150300.7.21.2 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/nodejs16?arch=s390x&distro=sles-15&sp=3 | suse |
nodejs16
|
< 16.20.0-150300.7.21.2 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/nodejs16?arch=ppc64le&distro=sles-15&sp=3 | suse |
nodejs16
|
< 16.20.0-150300.7.21.2 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/nodejs16?arch=aarch64&distro=sles-15&sp=3 | suse |
nodejs16
|
< 16.20.0-150300.7.21.2 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/nodejs16-docs?arch=noarch&distro=sles-15&sp=3 | suse |
nodejs16-docs
|
< 16.20.0-150300.7.21.2 | sles-15 | noarch | |
| Affected | pkg:rpm/suse/nodejs16-devel?arch=x86_64&distro=sles-15&sp=3 | suse |
nodejs16-devel
|
< 16.20.0-150300.7.21.2 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/nodejs16-devel?arch=s390x&distro=sles-15&sp=3 | suse |
nodejs16-devel
|
< 16.20.0-150300.7.21.2 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/nodejs16-devel?arch=ppc64le&distro=sles-15&sp=3 | suse |
nodejs16-devel
|
< 16.20.0-150300.7.21.2 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/nodejs16-devel?arch=aarch64&distro=sles-15&sp=3 | suse |
nodejs16-devel
|
< 16.20.0-150300.7.21.2 | sles-15 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |