Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 38: FEDORA-2023-d5030c983c High: Node.js Security Update

fedora
Calendar Grey October 24, 2023
Dist Fedora Esm H88
Fedora 38's recent patch resolves key vulnerabilities found in Node.js version 18.18.2, fortifying the security posture of the operating system.
## 2023-10-13, Version 18.18.2 'Hydrogen' (LTS), @RafaelGSS This is a security release

Summary

Node.js is a platform built on Chrome's JavaScript runtime \

for easily building fast, scalable network applications. \

Node.js uses an event-driven, non-blocking I/O model that \

makes it lightweight and efficient, perfect for data-intensive \

real-time applications that run across distributed devices.}

Update Information:

## 2023-10-13, Version 18.18.2 'Hydrogen' (LTS), @RafaelGSS This is a security release. ### Notable Changes The following CVEs are fixed in this release: * [CVE-2023-44487](-bin/cvename.cgi?name=CVE-2023-44487): `nghttp2` Security Release (High) * [CVE-2023-45143](- bin/cvename.cgi?name=CVE-2023-45143): `undici` Security Release (High) * [CVE-2023-38552](-bin/cvename.cgi?name=CVE-2023-38552): Integrity checks according to policies can be circumvented (Medium) * [CVE-2023-39333](-bin/cvename.cgi?name=CVE-2023-39333): Code injection via WebAssembly export names (Low) More detailed information on each of the vulnerabilities can be found in [October 2023 Security Releases](- releases/) blog post.

Topics%20covered

Topics Covered

security advisory high severity Fedora DoS security fix code injection Node.js

Change Log

* Mon Oct 16 2023 Stephen Gallagher - 1:18.18.2-1 - Update to 18.18.2

References

Fedora Update Notification FEDORA-2023-d5030c983c 2023-10-24 01:21:22.156573 Name : nodejs18 Product : Fedora 38 Version : 18.18.2 Release : 1.fc38 URL : https://nodejs.org/en/ Summary : JavaScript runtime Description : Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed devices.}

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-d5030c983c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Name: nodejs18
Product: Fedora 38
Version: 18.18.2
Release: 1.fc38
URL: https://nodejs.org/en/
Summary: JavaScript runtime

Topics%20covered

Topics Covered

security advisory high severity Fedora DoS security fix code injection Node.js

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here