Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 538
Alerts This Week
Warning Icon 1 538

Fedora 23: 2016-3102c11757 Critical: Node.js Response Issues

fedora
Calendar Grey February 15, 2016
Dist Fedora Esm H88
Critical security patch for Fedora 23 resolving various vulnerabilities in Node.js, keeping your applications protected.
Security fix for CVE-2016-2216, CVE-2016-2086

Summary

Node.js is a platform built on Chrome's JavaScript runtime

for easily building fast, scalable network applications.

Node.js uses an event-driven, non-blocking I/O model that

makes it lightweight and efficient, perfect for data-intensive

real-time applications that run across distributed devices.

Update Information:

Security fix for CVE-2016-2216, CVE-2016-2086

Change Log

References


[ 1 ] Bug #1306203 - CVE-2016-2216 nodejs: Response splitting vulnerability using Unicode characters https://bugzilla.redhat.com/show_bug.cgi?id=1306203 [ 2 ] Bug #1306200 - CVE-2016-2086 nodejs: Request smuggling vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1306200

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update nodejs' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: nodejs
Product: Fedora 23
Version: 0.10.42
Release: 4.fc23
Summary: JavaScript runtime

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.