Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

openSUSE 15 SP3: 2022:0070-1 Important: Nodejs-Electron Security Patch

opensuse
Calendar Grey March 3, 2022
Dist Opensuse Esm H88
Major patch released for openSUSE addressing 15 vulnerabilities in nodejs-react, boosting overall performance and safety.
An update that fixes 18 vulnerabilities is now available

Description

This update for nodejs-electron fixes the following issues:

- Fix webpack-4 with OpenSSL 3.0

Update to version 16.0.9

* https://github.com/electron/electron/releases/tag/v16.0.9

Update to version 16.0.8

* https://github.com/electron/electron/releases/tag/v16.0.8

- Add devel package with node headers (e.g. for node-gyp)

- Update to version 16.0.7

* https://github.com/electron/electron/releases/tag/v16.0.7

- Update to version 15.3.3

* https://github.com/electron/electron/releases/tag/v15.3.3

- Update to version 13.6.3

https://github.com/electron/electron/releases/tag/v13.6.3

- Update to version 13.6.2

https://github.com/electron/electron/releases/tag/v13.6.2

- Fix for CVE-2021-37998

- Fix for CVE-2021-38001

- Fix for CVE-2021-38002

- Fix for CVE-2021-38003

- Do not build with H264

- Update to version 13.6.1

https://github.com/electron/electron/releases/tag/v13.6.1

- Fix for CVE-2021-37981

-...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory system enhancement critical update security patch important issue openSUSE nodejs-electron

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP3:

zypper in -t patch openSUSE-2022-70=1

Package List

- openSUSE Backports SLE-15-SP3 (x86_64):

nodejs-electron-16.0.9-bp153.2.1

nodejs-electron-devel-16.0.9-bp153.2.1

References

https://www.suse.com/security/cve/CVE-2021-30625.html

https://www.suse.com/security/cve/CVE-2021-30626.html

https://www.suse.com/security/cve/CVE-2021-30627.html

https://www.suse.com/security/cve/CVE-2021-30628.html

https://www.suse.com/security/cve/CVE-2021-30630.html

https://www.suse.com/security/cve/CVE-2021-30631.html

https://www.suse.com/security/cve/CVE-2021-30632.html

https://www.suse.com/security/cve/CVE-2021-30633.html

https://www.suse.com/security/cve/CVE-2021-37981.html

https://www.suse.com/security/cve/CVE-2021-37984.html

https://www.suse.com/security/cve/CVE-2021-37987.html

https://www.suse.com/security/cve/CVE-2021-37989.html

https://www.suse.com/security/cve/CVE-2021-37992.html

https://www.suse.com/security/cve/CVE-2021-37996.html

https://www.suse.com/security/cve/CVE-2021-37998.html

https://www.suse.com/security/cve/CVE-2021-38001.html

https://www.suse.com/security/cve/CVE-2021-38002.html

https://www.suse.com/security/cve/CVE-2021-38003.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2022:0070-1
Rating: important
Affected Products: openSUSE Backports SLE-15-SP3 .

Topics%20covered

Topics Covered

security advisory system enhancement critical update security patch important issue openSUSE nodejs-electron

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here