openSUSE 15.5: SUSE-SU-2023:0419-1 Moderate Nodejs18 Security Fix
opensuse
February 15, 2023
An update that solves 7 vulnerabilities, contains two features and has three fixes is now available.
Description
This update for nodejs18 fixes the following issues:
This update ships nodejs18 (jsc#PED-2097)
Update to NodejJS 18.13.0 LTS:
* build: disable v8 snapshot compression by default
* crypto: update root certificates
* deps: update ICU to 72.1
* doc:
+ add doc-only deprecation for headers/trailers setters
+ add Rafael to the tsc
+ deprecate use of invalid ports in url.parse
+ deprecate url.parse()
* lib: drop fetch experimental warning
* net: add autoSelectFamily and autoSelectFamilyAttemptTimeout options
* src:
+ add uvwasi version
+ add initial shadow realm support
* test_runner:
+ add t.after() hook
+ don't use a symbol for runHook()
* tls:
+ add "ca" property to certificate object
* util:
+ add fast path for utf8 encoding
+ improve textdecoder decode performance
+ add MIME utilities
- Fixes compatibility with ICU 72.1 (bsc#1205236)
- Fix migration to openssl-3...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.5:
zypper in -t patch openSUSE-SLE-15.5-2023-419=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-419=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP4-2023-419=1
Package List
- openSUSE Leap 15.5 (aarch64 s390x x86_64):
corepack18-18.13.0-150400.9.3.1
nodejs18-18.13.0-150400.9.3.1
nodejs18-debuginfo-18.13.0-150400.9.3.1
nodejs18-debugsource-18.13.0-150400.9.3.1
nodejs18-devel-18.13.0-150400.9.3.1
npm18-18.13.0-150400.9.3.1
- openSUSE Leap 15.5 (noarch):
nodejs18-docs-18.13.0-150400.9.3.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
corepack18-18.13.0-150400.9.3.1
nodejs18-18.13.0-150400.9.3.1
nodejs18-debuginfo-18.13.0-150400.9.3.1
nodejs18-debugsource-18.13.0-150400.9.3.1
nodejs18-devel-18.13.0-150400.9.3.1
npm18-18.13.0-150400.9.3.1
- openSUSE Leap 15.4 (noarch):
nodejs18-docs-18.13.0-150400.9.3.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4 (aarch64 ppc64le s390x x86_64):
nodejs18-18.13.0-150400.9.3.1
nodejs18-debuginfo-18.13.0-150400.9.3.1
nodejs18-debugsource-18.13.0-150400.9.3.1
nodejs18-devel-18.13.0-150400.9.3.1
npm18-18.13.0-150400.9.3.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4 (noarch):
nodejs18-docs-18.13.0-150400.9.3.1
References
https://www.suse.com/security/cve/CVE-2022-32212.html
https://www.suse.com/security/cve/CVE-2022-32213.html
https://www.suse.com/security/cve/CVE-2022-32214.html
https://www.suse.com/security/cve/CVE-2022-32215.html
https://www.suse.com/security/cve/CVE-2022-35255.html
https://www.suse.com/security/cve/CVE-2022-35256.html
https://www.suse.com/security/cve/CVE-2022-43548.html
https://bugzilla.suse.com/1200303
https://bugzilla.suse.com/1201325
https://bugzilla.suse.com/1201326
https://bugzilla.suse.com/1201327
https://bugzilla.suse.com/1201328
https://bugzilla.suse.com/1203831
https://bugzilla.suse.com/1203832
https://bugzilla.suse.com/1205042
https://bugzilla.suse.com/1205119
https://bugzilla.suse.com/1205236
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2023:0419-1
Rating: moderate
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Web Scripting 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap 15.5
le.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!