Oracle Linux 6264 Published by

A nodejs:16 security, bug fix, and enhancement update has been released for Oracle Linux 8.



El-errata: ELSA-2022-9073-1 Moderate: Oracle Linux 8 nodejs:16 security, bug fix, and enhancement update


Oracle Linux Security Advisory ELSA-2022-9073-1

  http://linux.oracle.com/errata/ELSA-2022-9073-1.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
nodejs-16.18.1-3.module+el8.7.0+20893+df13f383.x86_64.rpm
nodejs-devel-16.18.1-3.module+el8.7.0+20893+df13f383.x86_64.rpm
nodejs-docs-16.18.1-3.module+el8.7.0+20893+df13f383.noarch.rpm
nodejs-full-i18n-16.18.1-3.module+el8.7.0+20893+df13f383.x86_64.rpm
nodejs-nodemon-2.0.20-2.module+el8.7.0+20893+df13f383.noarch.rpm
nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.noarch.rpm
npm-8.19.2-1.16.18.1.3.module+el8.7.0+20893+df13f383.x86_64.rpm

aarch64:
nodejs-16.18.1-3.module+el8.7.0+20893+df13f383.aarch64.rpm
nodejs-devel-16.18.1-3.module+el8.7.0+20893+df13f383.aarch64.rpm
nodejs-docs-16.18.1-3.module+el8.7.0+20893+df13f383.noarch.rpm
nodejs-full-i18n-16.18.1-3.module+el8.7.0+20893+df13f383.aarch64.rpm
nodejs-nodemon-2.0.20-2.module+el8.7.0+20893+df13f383.noarch.rpm
nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.noarch.rpm
npm-8.19.2-1.16.18.1.3.module+el8.7.0+20893+df13f383.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol8/SRPMS-updates/nodejs-16.18.1-3.module+el8.7.0+20893+df13f383.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/nodejs-nodemon-2.0.20-2.module+el8.7.0+20893+df13f383.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.src.rpm

Related CVEs:

CVE-2021-44531
CVE-2021-44532
CVE-2021-44533
CVE-2021-44906
CVE-2022-3517
CVE-2022-21824
CVE-2022-43548



Description of changes:

nodejs
[1:16.18.1-3]
- Update sources of undici WASM blobs
Resolves: rhbz#2151546

[1:16.18.1-2]
- Record CVE references already addressed in this or previous upstream versions
Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824

[1:16.18.1-1]
- Rebase + CVE fixes
- Resolves: #2142806
- Resolves: #2142837, #2142851

nodejs-nodemon
[2.0.20-2]
- Record CVE fixed in the current or previous upstream versions
Resolves: CVE-2021-44906

_______________________________________________