[El-errata] ELSA-2024-1510 Important: Oracle Linux 8 nodejs:18 security update

Wed Mar 27 21:44:45 UTC 2024

Oracle Linux Security Advisory ELSA-2024-1510

http://linux.oracle.com/errata/ELSA-2024-1510.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
nodejs-18.19.1-1.module+el8.9.0+90195+64cfbb95.x86_64.rpm
nodejs-devel-18.19.1-1.module+el8.9.0+90195+64cfbb95.x86_64.rpm
nodejs-docs-18.19.1-1.module+el8.9.0+90195+64cfbb95.noarch.rpm
nodejs-full-i18n-18.19.1-1.module+el8.9.0+90195+64cfbb95.x86_64.rpm
nodejs-nodemon-3.0.1-1.module+el8.9.0+90157+ed89dc20.noarch.rpm
nodejs-packaging-2021.06-4.module+el8.9.0+90157+ed89dc20.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el8.9.0+90157+ed89dc20.noarch.rpm
npm-10.2.4-1.18.19.1.1.module+el8.9.0+90195+64cfbb95.x86_64.rpm

aarch64:
nodejs-18.19.1-1.module+el8.9.0+90195+64cfbb95.aarch64.rpm
nodejs-devel-18.19.1-1.module+el8.9.0+90195+64cfbb95.aarch64.rpm
nodejs-docs-18.19.1-1.module+el8.9.0+90195+64cfbb95.noarch.rpm
nodejs-full-i18n-18.19.1-1.module+el8.9.0+90195+64cfbb95.aarch64.rpm
nodejs-nodemon-3.0.1-1.module+el8.9.0+90157+ed89dc20.noarch.rpm
nodejs-packaging-2021.06-4.module+el8.9.0+90157+ed89dc20.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el8.9.0+90157+ed89dc20.noarch.rpm
npm-10.2.4-1.18.19.1.1.module+el8.9.0+90195+64cfbb95.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//nodejs-18.19.1-1.module+el8.9.0+90195+64cfbb95.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el8.9.0+90157+ed89dc20.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//nodejs-packaging-2021.06-4.module+el8.9.0+90157+ed89dc20.src.rpm

Related CVEs:

CVE-2023-46809
CVE-2024-21892
CVE-2024-22019

Description of changes:

nodejs
[1:18.19.1-1]
- Rebase to version 18.19.1
- Fixes: CVE-2024-21892 CVE-2024-22019 (high)
- Fixes: CVE-2023-46809 (medium)

nodejs-nodemon
nodejs-packaging