Oracle8: ELSA-2021-5171: nodejs Moderate Security Update | LinuxSec...

Advisories

What Are You Looking For?

Popular Tags

Contribute

Advisories This Week: 279

Oracle Linux Security Advisory ELSA-2021-5171

https://linux.oracle.com/errata/ELSA-2021-5171.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
nodejs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpm
nodejs-devel-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpm
nodejs-docs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.noarch.rpm
nodejs-full-i18n-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpm
nodejs-nodemon-2.0.15-1.module+el8.5.0+20457+52828f44.noarch.rpm
nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.noarch.rpm
npm-8.1.2-1.16.13.1.3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpm

aarch64:
nodejs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.aarch64.rpm
nodejs-devel-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.aarch64.rpm
nodejs-docs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.noarch.rpm
nodejs-full-i18n-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.aarch64.rpm
nodejs-nodemon-2.0.15-1.module+el8.5.0+20457+52828f44.noarch.rpm
nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.noarch.rpm
npm-8.1.2-1.16.13.1.3.0.1.module+el8.5.0+20457+52828f44.aarch64.rpm


SRPMS:
https://oss.oracle.com/ol8/SRPMS-updates/nodejs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/nodejs-nodemon-2.0.15-1.module+el8.5.0+20457+52828f44.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.src.rpm

Related CVEs:

CVE-2020-7788
CVE-2020-28469
CVE-2021-3807
CVE-2021-3918
CVE-2021-22959
CVE-2021-22960
CVE-2021-33502




Description of changes:

nodejs
[16.13.1-3.0.1]
- Libraries must not be group-writeable. Change node-gyp permission to 0755 [Orabug: 28451433]

[1:16.13.1-3]
- Resolves: RHBZ#2027610
- Add corepack to spec

[1:16.13.1-2]
- Resolves: RHBZ#2027610
- Update npm version test

[1:16.13.1-1]
- Resolves: RHBZ#2027644, RHBZ#2027643, RHBZ#2027638, RHBZ#2027633
- Resolves: RHBZ#2027610
- Rebase to LTS release and to fix multiple low and medium CVEs

nodejs-nodemon
[2.0.15-1]
- Resolves: RHBZ#2027630
- Resolves CVE-2020-28469
- Rebase to newest version
- Change source to npmjs.com

_______________________________________________
El-errata mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle8: ELSA-2021-5171: nodejs Moderate Security Update

Summary

Description of changes: nodejs [16.13.1-3.0.1] - Libraries must not be group-writeable. Change node-gyp permission to 0755 [Orabug: 28451433] [1:16.13.1-3] - Resolves: RHBZ#2027610 - Add corepack to spec [1:16.13.1-2] - Resolves: RHBZ#2027610 - Update npm version test [1:16.13.1-1] - Resolves: RHBZ#2027644, RHBZ#2027643, RHBZ#2027638, RHBZ#2027633 - Resolves: RHBZ#2027610 - Rebase to LTS release and to fix multiple low and medium CVEs nodejs-nodemon [2.0.15-1] - Resolves: RHBZ#2027630 - Resolves CVE-2020-28469 - Rebase to newest version - Change source to npmjs.com

i386

x86_64

nodejs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpm nodejs-devel-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpm nodejs-docs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.noarch.rpm nodejs-full-i18n-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpm nodejs-nodemon-2.0.15-1.module+el8.5.0+20457+52828f44.noarch.rpm nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.noarch.rpm npm-8.1.2-1.16.13.1.3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpm aarch64: nodejs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.aarch64.rpm nodejs-devel-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.aarch64.rpm nodejs-docs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.noarch.rpm nodejs-full-i18n-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.aarch64.rpm nodejs-nodemon-2.0.15-1.module+el8.5.0+20457+52828f44.noarch.rpm nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.noarch.rpm npm-8.1.2-1.16.13.1.3.0.1.module+el8.5.0+20457+52828f44.aarch64.rpm

SRPMS

https://oss.oracle.com/ol8/SRPMS-updates/nodejs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.src.rpm https://oss.oracle.com/ol8/SRPMS-updates/nodejs-nodemon-2.0.15-1.module+el8.5.0+20457+52828f44.src.rpm https://oss.oracle.com/ol8/SRPMS-updates/nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.src.rpm

Severity
Related CVEs: CVE-2020-7788 CVE-2020-28469 CVE-2021-3807 CVE-2021-3918 CVE-2021-22959 CVE-2021-22960 CVE-2021-33502

News

Advisories

HOWTOs

Features

Open-Source VPN Protocols Compared: Why WireGuard is on the Rise!
Open Source OSINT Tools and Techniques
The Story Behind the Linux Security Quick Reference Guide
Benefits & Drawbacks of Using a VPN on Linux
How a WAF Could Improve the Security of Your Linux Web Applications

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy