El-errata: ELSA-2021-3666 Important: Oracle Linux 8 nodejs:14 security and bug fix update
Oracle Linux Security Advisory ELSA-2021-3666
http://linux.oracle.com/errata/ELSA-2021-3666.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
nodejs-14.17.5-1.module+el8.4.0+20313+f90c2973.x86_64.rpm
nodejs-devel-14.17.5-1.module+el8.4.0+20313+f90c2973.x86_64.rpm
nodejs-docs-14.17.5-1.module+el8.4.0+20313+f90c2973.noarch.rpm
nodejs-full-i18n-14.17.5-1.module+el8.4.0+20313+f90c2973.x86_64.rpm
nodejs-nodemon-2.0.3-1.module+el8.3.0+7818+6cd30d85.noarch.rpm
nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.noarch.rpm
npm-6.14.14-1.14.17.5.1.module+el8.4.0+20313+f90c2973.x86_64.rpm
aarch64:
nodejs-14.17.5-1.module+el8.4.0+20313+f90c2973.aarch64.rpm
nodejs-devel-14.17.5-1.module+el8.4.0+20313+f90c2973.aarch64.rpm
nodejs-docs-14.17.5-1.module+el8.4.0+20313+f90c2973.noarch.rpm
nodejs-full-i18n-14.17.5-1.module+el8.4.0+20313+f90c2973.aarch64.rpm
nodejs-nodemon-2.0.3-1.module+el8.3.0+7818+6cd30d85.noarch.rpm
nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.noarch.rpm
npm-6.14.14-1.14.17.5.1.module+el8.4.0+20313+f90c2973.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/nodejs-14.17.5-1.module+el8.4.0+20313+f90c2973.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/nodejs-nodemon-2.0.3-1.module+el8.3.0+7818+6cd30d85.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.src.rpm
Related CVEs:
CVE-2021-3672
CVE-2021-22930
CVE-2021-22931
CVE-2021-22939
CVE-2021-22940
CVE-2021-23343
CVE-2021-32803
CVE-2021-32804
Description of changes:
nodejs
[1:14.17.5-1]
- Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940,
- CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
- Resolves RHBZ#1847529 (make FIPS always available)
- Resolves: RHBZ#1988599, RHBZ#1994000, RHBZ#1993998, RHBZ#1993095
- Resolves: RHBZ#1994028, RHBZ#1994402, RHBZ#1994406, RHBZ#1994398
- Resolves: RHBZ#1993924 (make FIPS always available)
[1:14.17.3-3]
- Resolves: RHBZ#1991584, RHBZ#1991578
- Resolves CVE-2021-23362 CVE-2021-27290
- Bump for missing mentions of CVEs
A nodejs:14 security and bug fix update has been released for Oracle Linux 8.