Fedora 41: FEDORA-2025-d4cc30bdfb moderate: pnpm security fix
fedora
May 3, 2025
Update pnpm to version 10.9.0 to fix CVE-2024-47829 and nodejs-bash-language- server to version 5.6.0
Summary
A fast, disk space efficient package manager for NodeJS.
Update Information:
Update pnpm to version 10.9.0 to fix CVE-2024-47829 and nodejs-bash-language- server to version 5.6.0
Topics Covered
Change Log
* Thu Apr 24 2025 Andreas Schneider
References
[ 1 ] Bug #2361975 - CVE-2024-47829 nodejs-pnpm: pnpm uses the md5 path shortening function causes packet paths to coincide, which causes indirect packet overwriting [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2361975
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-d4cc30bdfb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Name: nodejs-pnpm
Product: Fedora 41
Version: 10.9.0
Release: 1.fc41
URL: https://pnpm.io
Summary: Fast, disk space efficient package manager
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!