An update that fixes one vulnerability is now available.

   openSUSE Security Update: Security update for nodejs8
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:1343-1
Rating:             important
References:         #1188917
Cross-References:   CVE-2021-22930
CVSS scores:
                    CVE-2021-22930 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products:
                    openSUSE Leap 15.2
______________________________________________________________________________

Description:

   nodejs8 was updated to fix the following security issues:

   - CVE-2021-22930: http2: fixes use after free on close in stream
     canceling (bsc#1188917)

   This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended
   installation methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.2:

      zypper in -t patch openSUSE-2021-1343=1

Package List:

   - openSUSE Leap 15.2 (i586 x86_64):

      nodejs8-8.17.0-lp152.3.17.1
      nodejs8-debuginfo-8.17.0-lp152.3.17.1
      nodejs8-debugsource-8.17.0-lp152.3.17.1
      nodejs8-devel-8.17.0-lp152.3.17.1
      npm8-8.17.0-lp152.3.17.1

   - openSUSE Leap 15.2 (noarch):

      nodejs8-docs-8.17.0-lp152.3.17.1

References:

   https://www.suse.com/security/cve/CVE-2021-22930.html
   https://bugzilla.suse.com/1188917

Severity: Important. LinuxSecurity.com Team

An update that fixes one vulnerability is now available.

   openSUSE Security Update: Security update for nodejs8
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:3294-1
Rating:             important
References:         #1188917
Cross-References:   CVE-2021-22930
CVSS scores:
                    CVE-2021-22930 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products:
                    openSUSE Leap 15.3
______________________________________________________________________________

Description:

   nodejs8 was updated to fix the following security issues:

   - CVE-2021-22930: http2: fixes use after free on close in stream
     canceling (bsc#1188917)

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended
   installation methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.3:

      zypper in -t patch openSUSE-SLE-15.3-2021-3294=1

Package List:

   - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

      nodejs8-8.17.0-10.15.11
      nodejs8-debuginfo-8.17.0-10.15.11
      nodejs8-debugsource-8.17.0-10.15.11
      nodejs8-devel-8.17.0-10.15.11
      npm8-8.17.0-10.15.11

   - openSUSE Leap 15.3 (noarch):

      nodejs8-docs-8.17.0-10.15.11

References:

   https://www.suse.com/security/cve/CVE-2021-22930.html
   https://bugzilla.suse.com/1188917

Severity: Important. LinuxSecurity.com Team

MGASA-2020-0397 - Updated tomcat packages fix a security vulnerability

Publication date: 29 Oct 2020
URL: https://advisories.mageia.org/MGASA-2020-0397.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-13943

If an HTTP/2 client exceeded the agreed maximum number of concurrent
streams for a connection (in violation of the HTTP/2 protocol), it was
possible that a subsequent request made on that connection could contain
HTTP headers - including HTTP/2 pseudo headers - from a previous request
rather than the intended headers. This could lead to users seeing
responses for unexpected resources (CVE-2020-13943).

References:
- https://bugs.mageia.org/show_bug.cgi?id=27396
- https://tomcat.apache.org/security-9.html
- https://www.cve.org/CVERecord?id=CVE-2020-13943

SRPMS:
- 7/core/tomcat-9.0.38-1.mga7

LinuxSecurity.com Team