Описание
ELSA-2023-5850: nodejs:16 security update (IMPORTANT)
nodejs [1:16.20.2-3.0.1]
- Update nghttp2 to 1.57.0 Resolves: CVE-2023-44487
nodejs-nodemon nodejs-packaging [26-1]
- nodejs.prov: find namespaced bundled dependencies
- Apply https://src.fedoraproject.org/rpms/nodejs-packaging/c/e24e7df
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module nodejs:16 is enabled
nodejs
16.20.2-3.0.1.module+el8.8.0+21192+e43554c6
nodejs-devel
16.20.2-3.0.1.module+el8.8.0+21192+e43554c6
nodejs-docs
16.20.2-3.0.1.module+el8.8.0+21192+e43554c6
nodejs-full-i18n
16.20.2-3.0.1.module+el8.8.0+21192+e43554c6
nodejs-nodemon
3.0.1-1.module+el8.8.0+21172+0baa0bae
nodejs-packaging
26-1.module+el8.8.0+21172+0baa0bae
npm
8.19.4-1.16.20.2.3.0.1.module+el8.8.0+21192+e43554c6
Oracle Linux x86_64
Module nodejs:16 is enabled
nodejs
16.20.2-3.0.1.module+el8.8.0+21192+e43554c6
nodejs-devel
16.20.2-3.0.1.module+el8.8.0+21192+e43554c6
nodejs-docs
16.20.2-3.0.1.module+el8.8.0+21192+e43554c6
nodejs-full-i18n
16.20.2-3.0.1.module+el8.8.0+21192+e43554c6
nodejs-nodemon
3.0.1-1.module+el8.8.0+21172+0baa0bae
nodejs-packaging
26-1.module+el8.8.0+21172+0baa0bae
npm
8.19.4-1.16.20.2.3.0.1.module+el8.8.0+21192+e43554c6
Связанные CVE
Связанные уязвимости
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
The HTTP/2 protocol allows a denial of service (server resource consum ...