Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
patchinfo.15323
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.15323
<patchinfo incident="15323"> <issue tracker="cve" id="2020-7598"/> <issue tracker="cve" id="2020-8174"/> <issue tracker="cve" id="2020-11080"/> <issue tracker="cve" id="2020-8172"/> <issue tracker="bnc" id="1172442">VUL-0: CVE-2020-11080: nodejs12,nodejs10: HTTP/2 Large Settings Frame DoS</issue> <issue tracker="bnc" id="1166916">VUL-0: CVE-2020-7598: nodejs,nodejs12,nodejs10,nodejs4,nodejs6,nodejs8: nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload</issue> <issue tracker="bnc" id="1172443">VUL-0: CVE-2020-8174: nodejs,nodejs12,nodejs10,nodejs4,nodejs6,nodejs8: napi_get_value_string_*() allows various kinds of memory corruption</issue> <issue tracker="bnc" id="1172441">VUL-0: CVE-2020-8172: nodejs12: TLS session reuse can lead to host certificate verification bypass</issue> <issue tracker="bnc" id="1172728"> npm missing Requires on nodejs</issue> <packager>adamm</packager> <rating>critical</rating> <category>security</category> <summary>Security update for nodejs12</summary> <description>This update for nodejs12 fixes the following issues: nodejs12 was updated to version 12.18.0 - CVE-2020-8174: Fixed multiple memory corruption in napi_get_value_string_*() (bsc#1172443). - CVE-2020-8172: Fixed am issue where TLS session reuse could have led to host certificate verification bypass (bsc#1172441). - CVE-2020-11080: Fixed a potential denial of service when receiving unreasonably large HTTP/2 SETTINGS frames (bsc#1172442). npm was updated to 6.13.6 - CVE-2020-7598: Fixed an issue which could have tricked minimist into adding or modifying properties of Object.prototype (bsc#1166916). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor