File _patchinfo of Package patchinfo.14083
<patchinfo incident="14083">
<issue tracker="cve" id="2019-15605"/>
<issue tracker="cve" id="2019-15604"/>
<issue tracker="cve" id="2019-15606"/>
<issue tracker="bnc" id="1163102">VUL-0: CVE-2019-15605: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP request smuggling using malformed Transfer-Encoding header</issue>
<issue tracker="bnc" id="1163103">VUL-0: CVE-2019-15606: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP header values do not have trailing OWS trimmed</issue>
<issue tracker="bnc" id="1163104">VUL-0: CVE-2019-15604: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string</issue>
<packager>adamm</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for nodejs8</summary>
<description>This update for nodejs8 fixes the following issues:
Security issues fixed:
- CVE-2019-15604: Fixed a remotely triggerable assertion in the TLS server via a crafted certificate string (CVE-2019-15604, bsc#1163104).
- CVE-2019-15605: Fixed an HTTP request smuggling vulnerability via malformed Transfer-Encoding header (CVE-2019-15605, bsc#1163102).
- CVE-2019-15606: Fixed the white space sanitation of HTTP headers (CVE-2019-15606, bsc#1163103).
</description>
</patchinfo>