Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:Update
patchinfo.8543
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.8543
<patchinfo incident="8543"> <issue tracker="bnc" id="1105019">VUL-0: CVE-2018-12115: nodejs4,nodejs6,nodejs8,nodejs10: Out of bounds (OOB) write</issue> <issue tracker="bnc" id="1097748">devel:languages:nodejs/nodejs8: installing nodejs8 also installs nodejs9 and npm9 (instead of npm8)</issue> <issue tracker="bnc" id="1082318">Packages must not mark license files as %doc</issue> <issue tracker="bnc" id="1097158">VUL-0: CVE-2018-0732: openssl1,openssl,compat-openssl098: Reject excessively large primes in DH key generation.</issue> <issue tracker="bnc" id="1091764">[staging] FTBFS: nojdejs8 fails to build against icu 61.1</issue> <issue tracker="cve" id="2018-0732"/> <issue tracker="cve" id="2018-12115"/> <category>security</category> <rating>moderate</rating> <packager>adamm</packager> <description>This update for nodejs4 fixes the following issues: Security issues fixed: - CVE-2018-12115: Fixed an out-of-bounds memory write in Buffer that could be used to write to memory outside of a Buffer's memory space buffer (bsc#1105019) - Upgrade to OpenSSL 1.0.2p, which fixed: - CVE-2018-0732: Client denial-of-service due to large DH parameter (bsc#1097158) - ECDSA key extraction via local side-channel Other changes made: - Recommend same major version npm package (bsc#1097748) - Use absolute paths in executable shebang lines - Fix building with ICU61.1 (bsc#1091764) - Install license with %license, not %doc (bsc#1082318) </description> <summary>Security update for nodejs4</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor