Mageia 2021-0092: nodejs security update
Mageia 2021-0092: nodejs security update
Two vulnerabilities were discovered in Node.js, which could result in denial of service or DNS rebinding attacks. Upgrade from Mageia 7 to 8 problem fixed. References:
MGASA-2021-0092 - Updated nodejs packages fix security vulnerabilities Publication date: 28 Feb 2021 URL: https://advisories.mageia.org/MGASA-2021-0092.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2021-22883, CVE-2021-22884 Two vulnerabilities were discovered in Node.js, which could result in denial of service or DNS rebinding attacks. Upgrade from Mageia 7 to 8 problem fixed. References: - https://bugs.mageia.org/show_bug.cgi?id=28445 - https://bugs.mageia.org/show_bug.cgi?id=28481 - https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/ - https://nodejs.org/en/blog/release/v10.24.0/ - https://nodejs.org/en/blog/release/v14.16.0/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884 SRPMS: - 7/core/nodejs-10.24.0-10.mga7 - 8/core/nodejs-14.16.0-1.mga8