Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
100
security advisorySuSEDoSSUSE: python39 Critical RCE CVE-2025-8842 Advis 2025:3920-1
* bsc#1246818 Cross-References: * CVE-2025-7783 . # Security update for nodejs18 Announcement ID: SUSE-SU-2025:3919-1 Release Date: 2025-11-03T10:32:00Z Rating: important References: * bsc#1246818 Cross-References: * CVE-2025-7783 CVSS scores: * CVE-2025-7783 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:L/SI:L/SA:N * CVE-2025-7783 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2025-7783 ( NVD ): 9.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for nodejs18 fixes the following issues: * CVE-2025-7783: Switched away from Math.random() in boundary values for multipart form-encoded data (bsc#1246818) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3919=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * nodejs18-debuginfo-18.20.8-8.41.1 * nodejs18-18.20.8-8.41.1 * nodejs18-devel-18.20.8-8.41.1 * npm18-18.20.8-8.41.1 * nodejs18-debugsource-18.20.8-8.41.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * nodejs18-docs-18.20.8-8.41.1 ## References: * https://www.suse.com/security/cve/CVE-2025-7783.html * https://bugzilla.suse.com/show_bug.cgi?id=1246818 . Critical security alert for SUSE nodejs18 addressing CVE-2025-7783 withimportant severity. Immediate patching recommended.. SUSE nodejs18 security update, CVE-2025-7783 patch, important advisory. . Severity: Important. LinuxSecurity.com Team
Nov 03, 2025
•Important
SuSE
100
security advisorypackage updateimportantSUSE: 2025:0234-1 important: nodejs18 critical memory leak fix
* bsc#1236250 * bsc#1236258 Cross-References: * CVE-2025-22150 . # Security update for nodejs18 Announcement ID: SUSE-SU-2025:0234-1 Release Date: 2025-01-24T16:34:23Z Rating: important References: * bsc#1236250 * bsc#1236258 Cross-References: * CVE-2025-22150 * CVE-2025-23085 CVSS scores: * CVE-2025-22150 ( SUSE ): 7.4 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-22150 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-22150 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-23085 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-23085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for nodejs18 fixes the following issues: Update to 18.20.6: * CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERR_PROTO (bsc#1236250) * CVE-2025-22150: Fixed insufficiently random values used when defining the boundary for a multipart/form-data request in undici (bsc#1236258) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-234=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-234=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) *nodejs18-debugsource-18.20.6-8.33.1 * nodejs18-debuginfo-18.20.6-8.33.1 * nodejs18-18.20.6-8.33.1 * npm18-18.20.6-8.33.1 * nodejs18-devel-18.20.6-8.33.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * nodejs18-docs-18.20.6-8.33.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * nodejs18-debugsource-18.20.6-8.33.1 * nodejs18-debuginfo-18.20.6-8.33.1 * nodejs18-18.20.6-8.33.1 * npm18-18.20.6-8.33.1 * nodejs18-devel-18.20.6-8.33.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * nodejs18-docs-18.20.6-8.33.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22150.html * https://www.suse.com/security/cve/CVE-2025-23085.html * https://bugzilla.suse.com/show_bug.cgi?id=1236250 * https://bugzilla.suse.com/show_bug.cgi?id=1236258 . Essential enhancements in nodejs18 significantly bolster security, tackling two primary vulnerabilities. Discover additional details regarding the updates today.. nodejs18 Security, SUSE Updates, Linux Security measures. . Severity: Important. LinuxSecurity.com Team
Jan 24, 2025
•Important
SuSE
100
security advisorymoderateupdateSUSE: 2024:2542-1 Moderate: Nodejs18 Network Import Issues
* bsc#1222665 * bsc#1227554 * bsc#1227560 Cross-References: . # Security update for nodejs18 Announcement ID: SUSE-SU-2024:2542-1 Rating: moderate References: * bsc#1222665 * bsc#1227554 * bsc#1227560 Cross-References: * CVE-2024-22020 * CVE-2024-27980 * CVE-2024-36138 CVSS scores: * CVE-2024-22020 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * Web and Scripting Module 15-SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for nodejs18 fixes the following issues: Update to 18.20.4: * CVE-2024-36138: Fixed CVE-2024-27980 fix bypass (bsc#1227560) * CVE-2024-22020: Fixed a bypass of network import restriction via data URL (bsc#1227554) Changes in 18.20.3: * This release fixes a regression introduced in Node.js 18.19.0 where http.server.close() was incorrectly closing idle connections. deps: * acorn updated to 8.11.3. * acorn-walk updated to 8.3.2. * ada updated to 2.7.8. * c-ares updated to 1.28.1. * corepack updated to 0.28.0. * nghttp2 updated to 1.61.0. * ngtcp2 updated to 1.3.0. * npm updated to 10.7.0. Includes a fix from npm@10.5.1 to limit the number of open connections npm/cli#7324. * simdutf updated to 5.2.4. Changes in 18.20.2: * CVE-2024-27980: Fixed command injection via args parameter of child_process.spawn without shell option enabled on Windows (bsc#1222665) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2542=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2542=1 * Web andScripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-2542=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * nodejs18-18.20.4-150400.9.24.2 * nodejs18-debugsource-18.20.4-150400.9.24.2 * npm18-18.20.4-150400.9.24.2 * nodejs18-devel-18.20.4-150400.9.24.2 * nodejs18-debuginfo-18.20.4-150400.9.24.2 * corepack18-18.20.4-150400.9.24.2 * openSUSE Leap 15.4 (noarch) * nodejs18-docs-18.20.4-150400.9.24.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * nodejs18-18.20.4-150400.9.24.2 * nodejs18-debugsource-18.20.4-150400.9.24.2 * npm18-18.20.4-150400.9.24.2 * nodejs18-devel-18.20.4-150400.9.24.2 * nodejs18-debuginfo-18.20.4-150400.9.24.2 * corepack18-18.20.4-150400.9.24.2 * openSUSE Leap 15.5 (noarch) * nodejs18-docs-18.20.4-150400.9.24.2 * Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64) * nodejs18-18.20.4-150400.9.24.2 * nodejs18-debugsource-18.20.4-150400.9.24.2 * npm18-18.20.4-150400.9.24.2 * nodejs18-devel-18.20.4-150400.9.24.2 * nodejs18-debuginfo-18.20.4-150400.9.24.2 * Web and Scripting Module 15-SP5 (noarch) * nodejs18-docs-18.20.4-150400.9.24.2 ## References: * https://www.suse.com/security/cve/CVE-2024-22020.html * https://www.suse.com/security/cve/CVE-2024-27980.html * https://www.suse.com/security/cve/CVE-2024-36138.html * https://bugzilla.suse.com/show_bug.cgi?id=1222665 * https://bugzilla.suse.com/show_bug.cgi?id=1227554 * https://bugzilla.suse.com/show_bug.cgi?id=1227560 . This notice upgrades nodejs18 to rectify vulnerabilities including command execution flaws and limitations on imports.. SUSE NodeJS Security Update, NodeJS Advisory, SUSE Security Patches, NodeJS Vulnerability Fixes. . LinuxSecurity.com Team
Jul 17, 2024
SuSE
100
security advisorydenial of servicesoftware updateSUSE: 2024:0644-1 Critical: nodejs18 Denial Of Service Attack and Elevation
* bsc#1219724 * bsc#1219992 * bsc#1219993 * bsc#1219997 * bsc#1220014 . # Security update for nodejs18 Announcement ID: SUSE-SU-2024:0644-1 Rating: important References: * bsc#1219724 * bsc#1219992 * bsc#1219993 * bsc#1219997 * bsc#1220014 * bsc#1220017 Cross-References: * CVE-2023-46809 * CVE-2024-21892 * CVE-2024-22019 * CVE-2024-22025 * CVE-2024-24758 * CVE-2024-24806 CVSS scores: * CVE-2023-46809 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-21892 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-22019 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24758 ( SUSE ): 3.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L * CVE-2024-24806 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-24806 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * Web and Scripting Module 12 An update that solves six vulnerabilities can now be installed. ## Description: This update for nodejs18 fixes the following issues: Update to 18.19.1: (security updates) * CVE-2024-21892: Code injection and privilege escalation throughLinux capabilities (bsc#1219992). * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks (bsc#1219993). * CVE-2023-46809: Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) (bsc#1219997). * CVE-2024-22025: Denial of Service by resource exhaustion in fetch() brotli decoding (bsc#1220014). * CVE-2024-24758: undici version 5.28.3 (bsc#1220017). * CVE-2024-24806: libuv version 1.48.0 (bsc#1219724). Update to LTS version 18.19.0 * deps: npm updates to 10.x * esm: * Leverage loaders when resolving subsequent loaders * import.meta.resolve unflagged * \--experimental-default-type flag to flip module defaults ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 12 zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2024-644=1 ## Package List: * Web and Scripting Module 12 (aarch64 ppc64le s390x x86_64) * nodejs18-debuginfo-18.19.1-8.18.1 * npm18-18.19.1-8.18.1 * nodejs18-18.19.1-8.18.1 * nodejs18-devel-18.19.1-8.18.1 * nodejs18-debugsource-18.19.1-8.18.1 * Web and Scripting Module 12 (noarch) * nodejs18-docs-18.19.1-8.18.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46809.html * https://www.suse.com/security/cve/CVE-2024-21892.html * https://www.suse.com/security/cve/CVE-2024-22019.html * https://www.suse.com/security/cve/CVE-2024-22025.html * https://www.suse.com/security/cve/CVE-2024-24758.html * https://www.suse.com/security/cve/CVE-2024-24806.html * https://bugzilla.suse.com/show_bug.cgi?id=1219724 * https://bugzilla.suse.com/show_bug.cgi?id=1219992 * https://bugzilla.suse.com/show_bug.cgi?id=1219993 * https://bugzilla.suse.com/show_bug.cgi?id=1219997 * https://bugzilla.suse.com/show_bug.cgi?id=1220014 *https://bugzilla.suse.com/show_bug.cgi?id=1220017 . A security patch for nodejs18 addresses several vulnerabilities, such as Denial of Service (DoS) threats and privilege escalation risks specifically on SUSE platforms.. SUSE Security Update,nodejs18 Issues,Denial of Service,Node.js Security. . Severity: Important. LinuxSecurity.com Team
Feb 28, 2024
•Important
SuSE
100
security advisorycriticalimportantSUSE: 2023:4150-1 Important: Nodejs18 Security Issues Resolved
* bsc#1216190 * bsc#1216205 * bsc#1216272 * bsc#1216273 . # Security update for nodejs18 Announcement ID: SUSE-SU-2023:4150-1 Rating: important References: * bsc#1216190 * bsc#1216205 * bsc#1216272 * bsc#1216273 Cross-References: * CVE-2023-38552 * CVE-2023-39333 * CVE-2023-44487 * CVE-2023-45143 CVSS scores: * CVE-2023-38552 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2023-39333 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45143 ( SUSE ): 3.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L * CVE-2023-45143 ( NVD ): 3.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * Web and Scripting Module 12 An update that solves four vulnerabilities can now be installed. ## Description: This update for nodejs18 fixes the following issues: * Update to version 18.18.2 * CVE-2023-44487: Fixed the Rapid Reset attack in nghttp2. (bsc#1216190) * CVE-2023-45143: Fixed a cookie leakage in undici. (bsc#1216205) *CVE-2023-38552: Fixed an integrity checks according to policies that could be circumvented. (bsc#1216272) * CVE-2023-39333: Fixed a code injection via WebAssembly export names. (bsc#1216273) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 12 zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2023-4150=1 ## Package List: * Web and Scripting Module 12 (aarch64 ppc64le s390x x86_64) * nodejs16-16.20.2-8.36.1 * npm16-16.20.2-8.36.1 * nodejs16-debugsource-16.20.2-8.36.1 * nodejs16-devel-16.20.2-8.36.1 * nodejs16-debuginfo-16.20.2-8.36.1 * Web and Scripting Module 12 (noarch) * nodejs16-docs-16.20.2-8.36.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38552.html * https://www.suse.com/security/cve/CVE-2023-39333.html * https://www.suse.com/security/cve/CVE-2023-44487.html * https://www.suse.com/security/cve/CVE-2023-45143.html * https://bugzilla.suse.com/show_bug.cgi?id=1216190 * https://bugzilla.suse.com/show_bug.cgi?id=1216205 * https://bugzilla.suse.com/show_bug.cgi?id=1216272 * https://bugzilla.suse.com/show_bug.cgi?id=1216273 . Learn how to install the critical security update for Node.js 18 using either zypper or YaST, ensuring your system remains secure against vulnerabilities. nodejs18 Update,SUSE Security Advisory,Code Injection Fix,Integrity Check. . Severity: Important. LinuxSecurity.com Team
Oct 20, 2023
•Important
SuSE
89
security advisoryhigh severityFedoraFedora 38: 2023-cdddce304a High Severity: Node.js 18 Issues Addressed
## 2023-06-20, Version 18.16.1 'Hydrogen' (LTS), @RafaelGSS This is a security release. ### Notable Changes The following CVEs are fixed in this release: * [CVE-2023-30581](https://www.cve.org/CVERecord?id=CVE-2023-30581): `mainModule.__proto__` Bypass Experimental Policy Mechanism (High) * [CVE-2023-30585](https://www.cve.org/CVERecord?id=CVE-2023-30585):. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-cdddce304a 2023-07-21 02:25:07.834369 --------------------------------------------------------------------------------Name : nodejs18 Product : Fedora 38 Version : 18.16.1 Release : 1.fc38 URL : https://nodejs.org/en/ Summary : JavaScript runtime Description : Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed devices.} --------------------------------------------------------------------------------Update Information: ## 2023-06-20, Version 18.16.1 'Hydrogen' (LTS), @RafaelGSS This is a security release. ### Notable Changes The following CVEs are fixed in this release: * [CVE-2023-30581](https://www.cve.org/CVERecord?id=CVE-2023-30581): `mainModule.__proto__` Bypass Experimental Policy Mechanism (High) * [CVE-2023-30585](https://www.cve.org/CVERecord?id=CVE-2023-30585): Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium) * [CVE-2023-30588](https://www.cve.org/CVERecord?id=CVE-2023-30588): Process interuption due to invalid Public Key information in x509 certificates (Medium) * [CVE-2023-30589](https://www.cve.org/CVERecord?id=CVE-2023-30589): HTTP Request Smuggling via Empty headers separated by CR (Medium)* [CVE-2023-30590](https://www.cve.org/CVERecord?id=CVE-2023-30590): DiffieHellman does not generate keys after setting a private key (Medium) * OpenSSL Security Releases * [OpenSSL security advisory 28th March](https://openssl-library.org/news/secadv/20230328.txt). * [OpenSSL security advisory 20th April](https://openssl-library.org/news/secadv/20230420.txt). * [OpenSSL security advisory 30th May](https://openssl-library.org/news/secadv/20230530.txt) * c-ares vulnerabilities: * [GHSA-9g78-jv2r-p7vc](https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc) * [GHSA-8r8p-23f3-64c2](https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2) * [GHSA-54xr-f67r-4pc4](https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4) * [GHSA-x6mf-cxr9-8q6v](https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v) More detailed information on each of the vulnerabilities can be found in [June 2023 Security Releases](https://nodejs.org/en/blog/vulnerability/june-2023-security-releases/) blog post. --------------------------------------------------------------------------------ChangeLog: * Wed Jun 21 2023 Stephen Gallagher - 1:18.16.1-1 - Update to security release 18.16.1 * Wed Jun 21 2023 Stephen Gallagher - 1:18.16.0-10 - sources: install jinja2 if needed * Mon May 15 2023 Stephen Gallagher - 1:18.16.0-9 - Fix NPM Obsoletes --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-cdddce304a' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jul 21, 2023
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!