[El-errata] ELBA-2023-4592 Oracle Linux 9 nodejs bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Aug 17 13:34:09 UTC 2023
Oracle Linux Bug Fix Advisory ELBA-2023-4592
http://linux.oracle.com/errata/ELBA-2023-4592.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
nodejs-16.20.1-2.el9_2.x86_64.rpm
nodejs-docs-16.20.1-2.el9_2.noarch.rpm
nodejs-full-i18n-16.20.1-2.el9_2.x86_64.rpm
nodejs-libs-16.20.1-2.el9_2.i686.rpm
nodejs-libs-16.20.1-2.el9_2.x86_64.rpm
npm-8.19.4-1.16.20.1.2.el9_2.x86_64.rpm
aarch64:
nodejs-16.20.1-2.el9_2.aarch64.rpm
nodejs-docs-16.20.1-2.el9_2.noarch.rpm
nodejs-full-i18n-16.20.1-2.el9_2.aarch64.rpm
nodejs-libs-16.20.1-2.el9_2.aarch64.rpm
npm-8.19.4-1.16.20.1.2.el9_2.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//nodejs-16.20.1-2.el9_2.src.rpm
Description of changes:
[1:16.20.1-2]
- Fix segfault that happens when processing fips-related options
Resolves: BZ#2227796
[1:16.20.1-1]
- Rebase to 16.20.1
Resolves: rhbz#2188291
Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590
- Replace /usr/etc/npmrc symlink with builtin configuration
Resolves: rhbz#2177781
[1:16.19.1-2]
- Update bundled c-ares to 1.19.1
Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067
[1:16.19.1-1]
- Rebase to 16.19.1
- Resolves: rhbz#2153714
- Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920
- Resolves: CVE-2022-25881 CVE-2022-4904
[1:16.18.1-3]
- Update sources of undici WASM blobs
Resolves: rhbz#2151617
[1:16.18.1-2]
- Add back libs and v8-devel subpackages
- Related: RHBZ#2121126
- Record previously fixed CVE
- Resolves: CVE-2021-44906
[1:16.18.1-1]
- Rebase + CVEs
- Resolves: #2142808
- Resolves: #2142826, #2131745, #2142855
[16.17.1-1]
- Rebase to version 16.17.1
Resolves: CVE-2022-35255 CVE-2022-35256
[16.16.0-1]
- Rebase to version 16.16.0
Resolves: RHBZ#2106290
Resolves: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215
Resolves: CVE-2022-29244
[16.14.0-5]
- Decouple dependency bundling from bootstrapping
[16.14.0-4]
- Apply lock file validation fixes
Resolves: CVE-2021-43616
[16.14.0-3]
- Refactor bootstap handling and configure script invocation
Resolves: rhbz#2056969
[1:16.14.0-2]
- Build with bootstrap by default due to old versions of dependencies available
- Resolves: #2042995, #2042970, #2042981, #2042989
- Resolves: #2029936, #2024890, #2014499, #2014135
- Resolves: #2013834, #1945299
[1:16.14.0-1]
- Update to latest version
- Use jinja and jq
- Don't fix python3
- Resolves: CVE-2022-21824, CVE-2021-44531, CVE-2021-44532, CVE-2021-44533
- Resolves CVE-2020-15095
- Resolves: CVE-2021-3918, CVE-2021-22959, CVE-2021-22960
- Resolves: CVE-2021-3807, CVE-2021-27290
[1:16.10.0-1]
- Rebase to 16.10.0, add corepack, fix PowerShell dependency
- Resolves: RHBZ#2000539, #2000548, #2000549, #2002177
[1:16.6.2-1]
- Rebase to 16.6.2
Resolves: CVE-2021-22931 CVE-2021-22939 CVE-2021-22940
[1:16.5.0-3]
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
More information about the El-errata
mailing list