File _patchinfo of Package patchinfo.25000

<patchinfo incident="25000">
  <issue tracker="cve" id="2022-32215"/>
  <issue tracker="cve" id="2022-2097"/>
  <issue tracker="cve" id="2022-32214"/>
  <issue tracker="cve" id="2022-32213"/>
  <issue tracker="cve" id="2022-32212"/>
  <issue tracker="bnc" id="1201325">VUL-0: CVE-2022-32213: nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding</issue>
  <issue tracker="bnc" id="1201328">VUL-0: CVE-2022-32212: nodejs: DNS rebinding in --inspect via invalid IP addresses</issue>
  <issue tracker="bnc" id="1201327">VUL-0: CVE-2022-32215: nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding</issue>
  <issue tracker="bnc" id="1201326">VUL-0: CVE-2022-32214: nodejs: HTTP request smuggling due to improper delimiting of header fields</issue>
  <issue tracker="bnc" id="1201099">VUL-0: CVE-2022-2097: openssl-1_1,openssl-3: AES OCB fails to encrypt some bytes</issue>
  <packager>adamm</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for nodejs12</summary>
  <description>This update for nodejs12 fixes the following issues:

- CVE-2022-32212: Fixed DNS rebinding in --inspect via invalid IP addresses (bsc#1201328).
- CVE-2022-32213: Fixed HTTP request smuggling due to flawed parsing of Transfer-Encoding (bsc#1201325).
- CVE-2022-32214: Fixed HTTP request smuggling due to improper delimiting of header fields (bsc#1201326).
- CVE-2022-32215: Fixed HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding (bsc#1201327).
- CVE-2022-2097: Fixed missing encrypted bytes in AES OCB mode (bsc#1201099).
</description>
</patchinfo>