[El-errata] ELSA-2024-1503 Important: Oracle Linux 9 nodejs:18 security update

Wed Mar 27 12:29:11 UTC 2024

Oracle Linux Security Advisory ELSA-2024-1503

http://linux.oracle.com/errata/ELSA-2024-1503.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
nodejs-18.19.1-1.module+el9.3.0+90193+90aa0dae.x86_64.rpm
nodejs-devel-18.19.1-1.module+el9.3.0+90193+90aa0dae.x86_64.rpm
nodejs-docs-18.19.1-1.module+el9.3.0+90193+90aa0dae.noarch.rpm
nodejs-full-i18n-18.19.1-1.module+el9.3.0+90193+90aa0dae.x86_64.rpm
nodejs-nodemon-3.0.1-1.module+el9.3.0+90167+01064547.noarch.rpm
nodejs-packaging-2021.06-4.module+el9.1.0+20762+f52d7401.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el9.1.0+20762+f52d7401.noarch.rpm
npm-10.2.4-1.18.19.1.1.module+el9.3.0+90193+90aa0dae.x86_64.rpm

aarch64:
nodejs-18.19.1-1.module+el9.3.0+90193+90aa0dae.aarch64.rpm
nodejs-devel-18.19.1-1.module+el9.3.0+90193+90aa0dae.aarch64.rpm
nodejs-docs-18.19.1-1.module+el9.3.0+90193+90aa0dae.noarch.rpm
nodejs-full-i18n-18.19.1-1.module+el9.3.0+90193+90aa0dae.aarch64.rpm
nodejs-nodemon-3.0.1-1.module+el9.3.0+90167+01064547.noarch.rpm
nodejs-packaging-2021.06-4.module+el9.1.0+20762+f52d7401.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el9.1.0+20762+f52d7401.noarch.rpm
npm-10.2.4-1.18.19.1.1.module+el9.3.0+90193+90aa0dae.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//nodejs-18.19.1-1.module+el9.3.0+90193+90aa0dae.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el9.3.0+90167+01064547.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//nodejs-packaging-2021.06-4.module+el9.1.0+20762+f52d7401.src.rpm

Related CVEs:

CVE-2023-46809
CVE-2024-21892
CVE-2024-22019

Description of changes:

nodejs
[1:18.19.1-1]
- Rebase to version 18.19.1
- Fixes: CVE-2024-21892 CVE-2024-22019 (high)
- Fixes: CVE-2023-46809 (medium)

nodejs-nodemon
nodejs-packaging