File _patchinfo of Package patchinfo.20299

<patchinfo incident="20299">
  <issue tracker="bnc" id="1183851">VUL-0: CVE-2021-3450: openssl-1_1: CA certificate check bypass with X509_V_FLAG_X509_STRICT</issue>
  <issue tracker="bnc" id="1183852">VUL-0: CVE-2021-3449: openssl-1_1: NULL pointer deref in signature_algorithms processing</issue>
  <issue tracker="bnc" id="1187976">VUL-0: CVE-2021-27290: nodejs10,nodejs12,nodejs14,nodejs: npm upgrade - ssri Regular Expression Denial of Service (ReDoS)</issue>
  <issue tracker="bnc" id="1184450">VUL-0: CVE-2020-7774: nodejs8, nodejs10, nodejs12, nodejs14:  y18n Prototype Pollution</issue>
  <issue tracker="bnc" id="1187973">VUL-0: CVE-2021-22918: nodejs10,nodejs12,nodejs14,nodejs,libuv: libuv upgrade - Out of bounds read</issue>
  <issue tracker="bnc" id="1187977">VUL-0: CVE-2021-23362: nodejs10,nodejs12,nodejs14,nodejs: npm upgrade - hosted-git-info Regular Expression Denial of Service (ReDoS)</issue>
  <issue tracker="cve" id="2021-22918"/>
  <issue tracker="cve" id="2021-27290"/>
  <issue tracker="cve" id="2021-23362"/>
  <issue tracker="cve" id="2020-7774"/>
  <issue tracker="cve" id="2021-3449"/>
  <issue tracker="cve" id="2021-3450"/>
  <packager>adamm</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for nodejs12</summary>
  <description>This update for nodejs12 fixes the following issues:

- update to 12.22.2:
- CVE-2021-22918: Out of bounds read (bsc#1187973)
- CVE-2021-23362: ssri Regular Expression Denial of Service and hosted-git-info (bsc#1187977)
- CVE-2021-27290: Regular Expression Denial of Service (bsc#1187976)
- CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (bsc#1183851)
- CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (bsc#1183852)
- CVE-2020-7774: npm - Update y18n to fix Prototype-Pollution (bsc#1184450)
</description>
</patchinfo>