El-errata: ELSA-2023-0050 Moderate: Oracle Linux 8 nodejs:14 security, bug fix, and enhancement update
Oracle Linux Security Advisory ELSA-2023-0050
http://linux.oracle.com/errata/ELSA-2023-0050.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
nodejs-14.21.1-2.module+el8.7.0+20895+79a25710.x86_64.rpm
nodejs-devel-14.21.1-2.module+el8.7.0+20895+79a25710.x86_64.rpm
nodejs-docs-14.21.1-2.module+el8.7.0+20895+79a25710.noarch.rpm
nodejs-full-i18n-14.21.1-2.module+el8.7.0+20895+79a25710.x86_64.rpm
nodejs-nodemon-2.0.20-2.module+el8.7.0+20895+79a25710.noarch.rpm
nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.noarch.rpm
npm-6.14.17-1.14.21.1.2.module+el8.7.0+20895+79a25710.x86_64.rpm
aarch64:
nodejs-14.21.1-2.module+el8.7.0+20895+79a25710.aarch64.rpm
nodejs-devel-14.21.1-2.module+el8.7.0+20895+79a25710.aarch64.rpm
nodejs-docs-14.21.1-2.module+el8.7.0+20895+79a25710.noarch.rpm
nodejs-full-i18n-14.21.1-2.module+el8.7.0+20895+79a25710.aarch64.rpm
nodejs-nodemon-2.0.20-2.module+el8.7.0+20895+79a25710.noarch.rpm
nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.noarch.rpm
npm-6.14.17-1.14.21.1.2.module+el8.7.0+20895+79a25710.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/nodejs-14.21.1-2.module+el8.7.0+20895+79a25710.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/nodejs-nodemon-2.0.20-2.module+el8.7.0+20895+79a25710.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.src.rpm
Related CVEs:
CVE-2021-44906
CVE-2022-0235
CVE-2022-3517
CVE-2022-24999
CVE-2022-43548
Description of changes:
nodejs
[1:14.21.1-2]
- Apply upstream fix for CVE-2022-24999
Resolves: CVE-2022-24999
- Record CVEs fixed by current or previous upstream releases
Resolves: CVE-2021-44906
[1:14.21.1-1]
- Rebase to version 14.21.1
Resolves: rhbz#2129805 CVE-2022-43548 CVE-2022-3517
_______________________________________________
A nodejs:14 security, bug fix, and enhancement update has been released for Oracle Linux 8.
