[El-errata] ELSA-2023-7205 Important: Oracle Linux 8 nodejs:20 security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Nov 23 20:39:46 UTC 2023
Oracle Linux Security Advisory ELSA-2023-7205
http://linux.oracle.com/errata/ELSA-2023-7205.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
nodejs-20.8.1-1.module+el8.9.0+90082+b6a613a6.x86_64.rpm
nodejs-devel-20.8.1-1.module+el8.9.0+90082+b6a613a6.x86_64.rpm
nodejs-docs-20.8.1-1.module+el8.9.0+90082+b6a613a6.noarch.rpm
nodejs-full-i18n-20.8.1-1.module+el8.9.0+90082+b6a613a6.x86_64.rpm
nodejs-nodemon-3.0.1-1.module+el8.9.0+90082+b6a613a6.noarch.rpm
nodejs-packaging-2021.06-4.module+el8.9.0+90082+b6a613a6.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el8.9.0+90082+b6a613a6.noarch.rpm
npm-10.1.0-1.20.8.1.1.module+el8.9.0+90082+b6a613a6.x86_64.rpm
aarch64:
nodejs-docs-20.8.1-1.module+el8.9.0+90082+b6a613a6.noarch.rpm
nodejs-nodemon-3.0.1-1.module+el8.9.0+90082+b6a613a6.noarch.rpm
nodejs-packaging-2021.06-4.module+el8.9.0+90082+b6a613a6.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el8.9.0+90082+b6a613a6.noarch.rpm
nodejs-20.8.1-1.module+el8.9.0+90082+b6a613a6.aarch64.rpm
nodejs-devel-20.8.1-1.module+el8.9.0+90082+b6a613a6.aarch64.rpm
nodejs-full-i18n-20.8.1-1.module+el8.9.0+90082+b6a613a6.aarch64.rpm
npm-10.1.0-1.20.8.1.1.module+el8.9.0+90082+b6a613a6.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//nodejs-20.8.1-1.module+el8.9.0+90082+b6a613a6.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el8.9.0+90082+b6a613a6.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//nodejs-packaging-2021.06-4.module+el8.9.0+90082+b6a613a6.src.rpm
Related CVEs:
CVE-2023-38552
CVE-2023-39331
CVE-2023-39332
CVE-2023-39333
CVE-2023-44487
CVE-2023-45143
Description of changes:
nodejs
[1:20.8.1-1]
- Update node and nghttp
- Add fips patch
- Fixes CVE-2023-44487 (nghttp)
- Fixes CVE-2023-45143, CVE-2023-39331, CVE-2023-39332, CVE-2023-38552, CVE-2023-39333
nodejs-nodemon
[3.0.1-1]
- Rebase to 3.0.1
- Resolves: CVE-2022-25883
nodejs-packaging
More information about the El-errata
mailing list