Security update for nodejs14
This update for nodejs14 fixes the following issues:
- New upstream LTS version 14.16.0:
* CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion (bsc#1182619)
* CVE-2021-22884: DNS rebinding in --inspect (bsc#1182620)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
-
Submitted by
Adam Majer (adamm)
Fixed bugs
bnc#1182619
VUL-0: CVE-2021-22883: nodejs10,nodejs12,nodejs14,nodejs: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion
bnc#1182620
VUL-0: CVE-2021-22884: nodejs10,nodejs12,nodejs14,nodejs: DNS rebinding in --inspect
