Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
patchinfo.9929
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.9929
<patchinfo incident="9929"> <issue tracker="bnc" id="1117625">VUL-1: CVE-2018-12120: nodejs4,nodejs6: Debugger port 5858 listens on any interface by default</issue> <issue tracker="bnc" id="1117627">VUL-0: CVE-2018-12122: nodejs4,nodejs6,nodejs8: "Slowloris" HTTP Denial of Service</issue> <issue tracker="bnc" id="1117626">VUL-0: CVE-2018-12121: nodejs4,nodejs6,nodejs8: Denial of Service with large HTTP headers</issue> <issue tracker="bnc" id="1117629">VUL-0: CVE-2018-12123: nodejs4,nodejs6,nodejs8: Hostname spoofing in URL parser for javascript protocol</issue> <issue tracker="bnc" id="1113652">VUL-1: CVE-2018-0734: openssl,openssl1,openssl-1_1,openssl-1_0_0,compat-openssl098: Timing vulnerability in DSA signature generation</issue> <issue tracker="bnc" id="1113534">VUL-0: CVE-2018-5407: Hyperthread port content side channel aka "PortSmash"</issue> <issue tracker="bnc" id="1117630">VUL-0: CVE-2018-12116: nodejs4,nodejs6,nodejs8: HTTP request splitting</issue> <issue tracker="cve" id="2018-12120"/> <issue tracker="cve" id="2018-12121"/> <issue tracker="cve" id="2018-12122"/> <issue tracker="cve" id="2018-12123"/> <issue tracker="cve" id="2018-12116"/> <issue tracker="cve" id="2018-5407"/> <issue tracker="cve" id="2018-0734"/> <category>security</category> <rating>important</rating> <packager>adamm</packager> <description>This update for nodejs4 fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed a timing vulnerability in the DSA signature generation (bsc#1113652) - CVE-2018-5407: Fixed a hyperthread port content side channel attack (aka "PortSmash") (bsc#1113534) - CVE-2018-12120: Fixed that the debugger listens on any interface by default (bsc#1117625) - CVE-2018-12121: Fixed a denial of Service with large HTTP headers (bsc#1117626) - CVE-2018-12122: Fixed the "Slowloris" HTTP Denial of Service (bsc#1117627) - CVE-2018-12116: Fixed HTTP request splitting (bsc#1117630) - CVE-2018-12123: Fixed hostname spoofing in URL parser for javascript protocol (bsc#1117629) </description> <summary>Security update for nodejs4</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor