Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 41: 2025-88025e98b2 critical: nodejs20 use-after-free

fedora
Calendar Grey May 7, 2025
Dist Fedora Esm H88
Debian 12 patch addresses critical memory leak issues in Python 3.12, improving application performance and stability.
Update to version 20.19.1

Summary

Node.js is a platform built on Chrome's JavaScript runtime \

for easily building fast, scalable network applications. \

Node.js uses an event-driven, non-blocking I/O model that \

makes it lightweight and efficient, perfect for data-intensive \

real-time applications that run across distributed devices.}

Update Information:

Update to version 20.19.1

Topics%20covered

Topics Covered

security advisory update Fedora threat runtime nodejs

Change Log

* Tue Apr 22 2025 tjuhasz - 1:20.19.1-1 - Update to version 20.19.1 (rhbz#2361667) * Mon Apr 14 2025 tjuhasz - 1:20.19.0-8 - Added ignore for specific rpminspect tests failing with verify * Mon Apr 14 2025 Andrei Radchenko - 1:20.19.0-7 - Enable testing in CI * Fri Apr 11 2025 tjuhasz - 1:20.19.0-6 - Improve test run start * Wed Apr 2 2025 Andrei Radchenko - 1:20.19.0-5 - Remove old scriplets * Wed Apr 2 2025 tjuhasz - 1:20.19.0-4 - Basic unit tests run during build * Tue Mar 25 2025 Andrei Radchenko - 1:20.19.0-3 - Enable tests * Fri Mar 21 2025 tjuhasz - 1:20.19.0-2 - Add rpminspect config to disable disttag check

References


[ 1 ] Bug #2358570 - CVE-2025-31498 nodejs20: c-ares has a use-after-free in read_answers() [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2358570 [ 2 ] Bug #2361667 - nodejs20-20.19.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2361667

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-88025e98b2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: nodejs20
Product: Fedora 41
Version: 20.19.1
Release: 1.fc41
URL: https://nodejs.org/en/
Summary: JavaScript runtime

Topics%20covered

Topics Covered

security advisory update Fedora threat runtime nodejs

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here