MGASA-2021-0463 - Updated nodejs packages fix security vulnerability

Publication date: 06 Oct 2021
URL: https://advisories.mageia.org/MGASA-2021-0463.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-3672,
     CVE-2021-22931,
     CVE-2021-22939,
     CVE-2021-22940,
     CVE-2021-37701,
     CVE-2021-37712,
     CVE-2021-37713,
     CVE-2021-39134,
     CVE-2021-39135

Multiple security fixes for nodejs. See references for details

References:
- https://bugs.mageia.org/show_bug.cgi?id=29365
- https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/
- https://nodejs.org/en/blog/release/v14.17.5/
- https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases2/
- https://nodejs.org/en/blog/release/v14.17.6/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3672
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22931
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22939
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22940
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37701
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37712
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37713
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39134
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39135

SRPMS:
- 8/core/nodejs-14.17.6-1.mga8