Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Alexander_Naumov:SLE-12:Update
patchinfo.13494
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.13494
<patchinfo incident="13494"> <issue tracker="jsc" id="SLE-8947"/> <issue tracker="bnc" id="1146093">VUL-0: CVE-2019-9518: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2 implementation is vulnerable to a flood of empty frames, potentially leading to a denial of service</issue> <issue tracker="bnc" id="1146095">VUL-0: CVE-2019-9514: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2 implementation is vulnerable to a reset flood, potentially leading to a denial of service</issue> <issue tracker="bnc" id="1146100">VUL-0: CVE-2019-9515: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2: flood using SETTINGS frames results in unbounded memory growth</issue> <issue tracker="bnc" id="1146099">VUL-0: CVE-2019-9512: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2: flood using PING frames results in unbounded memory growth</issue> <issue tracker="bnc" id="1140290">VUL-0: CVE-2019-13173: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: nodejs-fstream: File overwrite in fstream.DirWriter() function</issue> <issue tracker="bnc" id="1146097">VUL-0: CVE-2019-9517: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2 implementations are vulnerable to unconstrained interal data buffering</issue> <issue tracker="bnc" id="1146090">VUL-0: CVE-2019-9516: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2 implementation is vulnerable to a header leak, potentially leading to a denial of service</issue> <issue tracker="bnc" id="1149792">openssl 1.1.1c causes build failures in other packages</issue> <issue tracker="bnc" id="1146094">VUL-1: CVE-2019-9513: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2 implementation is vulnerable to resource loops, potentially leading to a denial of service.</issue> <issue tracker="bnc" id="1146091">VUL-0: CVE-2019-9511: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service</issue> <issue tracker="cve" id="2019-9516"/> <issue tracker="cve" id="2019-9511"/> <issue tracker="cve" id="2019-13173"/> <issue tracker="cve" id="2019-9517"/> <issue tracker="cve" id="2019-9513"/> <issue tracker="cve" id="2019-9515"/> <issue tracker="cve" id="2019-9518"/> <issue tracker="cve" id="2019-9512"/> <issue tracker="cve" id="2019-9514"/> <packager>adamm</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for nodejs12</summary> <description>This update for nodejs12 fixes the following issues: Update to LTS release 12.13.0 (jsc#SLE-8947). Security issues fixed: - CVE-2019-9511: Fixed the HTTP/2 implementation that was vulnerable to window size manipulations (bsc#1146091). - CVE-2019-9512: Fixed the HTTP/2 implementation that was vulnerable to floods using PING frames (bsc#1146099). - CVE-2019-9513: Fixed the HTTP/2 implementation that was vulnerable to resource loops, potentially leading to a denial of service (bsc#1146094). - CVE-2019-9514: Fixed the HTTP/2 implementation that was vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). - CVE-2019-9515: Fixed the HTTP/2 implementation that was vulnerable to a SETTINGS frame flood (bsc#1146100). - CVE-2019-9516: Fixed the HTTP/2 implementation that was vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). - CVE-2019-9517: Fixed the HTTP/2 implementation that was vulnerable to unconstrained interal data buffering (bsc#1146097). - CVE-2019-9518: Fixed the HTTP/2 implementation that was vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). - CVE-2019-13173: Fixed a file overwrite in the fstream.DirWriter() function (bsc#1140290). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor