Oracle Linux Security Advisory ELSA-2022-6448 https://linux.oracle.com/errata/ELSA-2022-6448.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-14.20.0-2.module+el8.6.0+20729+8fb6d84e.x86_64.rpm nodejs-devel-14.20.0-2.module+el8.6.0+20729+8fb6d84e.x86_64.rpm nodejs-docs-14.20.0-2.module+el8.6.0+20729+8fb6d84e.noarch.rpm nodejs-full-i18n-14.20.0-2.module+el8.6.0+20729+8fb6d84e.x86_64.rpm nodejs-nodemon-2.0.19-2.module+el8.6.0+20729+8fb6d84e.noarch.rpm nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.noarch.rpm npm-6.14.17-1.14.20.0.2.module+el8.6.0+20729+8fb6d84e.x86_64.rpm aarch64: nodejs-14.20.0-2.module+el8.6.0+20729+8fb6d84e.aarch64.rpm nodejs-devel-14.20.0-2.module+el8.6.0+20729+8fb6d84e.aarch64.rpm nodejs-docs-14.20.0-2.module+el8.6.0+20729+8fb6d84e.noarch.rpm nodejs-full-i18n-14.20.0-2.module+el8.6.0+20729+8fb6d84e.aarch64.rpm nodejs-nodemon-2.0.19-2.module+el8.6.0+20729+8fb6d84e.noarch.rpm nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.noarch.rpm npm-6.14.17-1.14.20.0.2.module+el8.6.0+20729+8fb6d84e.aarch64.rpm SRPMS: https://oss.oracle.com/ol8/SRPMS-updates/nodejs-14.20.0-2.module+el8.6.0+20729+8fb6d84e.src.rpm https://oss.oracle.com/ol8/SRPMS-updates/nodejs-nodemon-2.0.19-2.module+el8.6.0+20729+8fb6d84e.src.rpm https://oss.oracle.com/ol8/SRPMS-updates/nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.src.rpm Related CVEs: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 CVE-2022-33987 Description of changes: nodejs [1:14.20.0-2] - Replace with_* macros with RPM confitionals - Unify configure calls into single command - Refactor bootstrap-related parts - Decouple dependency bundling from bootstrapping - Resolves: RHBZ#2111417 [1:14.20.0-1] - Rebase to latest version - Resolves: RHBZ#2106367 - CVE fixes for CVE-2022-32212/3/4/5 - Resolves: #2109576, #2109579, #2109582, #2109585 [1:14.18.2-3] - Resolves: RHBZ#2029519 - Add missing BZ to changelog nodejs-nodemon [2.0.19-2] - Switched from autosetup - Removed CODE_OF_CONDUCT.md and faq.md which is not present in npmjs package, might switch to GH sources in the future - Resolves: RHBZ#2109919 [2.0.19-1] - Rebase to 2.0.19 - Resolves CVE-2022-33987 - Resolves: RHBZ#2109919 _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata