[ALSA-2025:1611] Important: nodejs:22 security update
Type:
security
Severity:
important
Release date:
2025-02-18
Description:
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): * undici: Undici Uses Insufficiently Random Values (CVE-2025-22150) * nodejs: Node.js Worker Thread Exposure via Diagnostics Channel (CVE-2025-23083) * nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap (CVE-2025-23085) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 nodejs-libs-22.13.1-1.module_el8.10.0+3961+6a788e57.aarch64.rpm 2ea1998701b2ccf7534ed749f6e8c72bf88bee401976a82688db63386b2d4182
aarch64 v8-12.4-devel-12.4.254.21-1.22.13.1.1.module_el8.10.0+3961+6a788e57.aarch64.rpm 4445dc14a234c0383ff0c8511e7a7555cbc1563a22090c55eed9735625c189fb
aarch64 npm-10.9.2-1.22.13.1.1.module_el8.10.0+3961+6a788e57.aarch64.rpm 4897f0ff5c95928ae79907df1e6103bccaaeb68aa3de8dcbdee3425315b47160
aarch64 nodejs-devel-22.13.1-1.module_el8.10.0+3961+6a788e57.aarch64.rpm 778680142946ff41040b7e198fda68faa0f5f0059700904c32a9bdc70650315c
aarch64 nodejs-full-i18n-22.13.1-1.module_el8.10.0+3961+6a788e57.aarch64.rpm b58766f9d02be2f59cec398d0d5c873b82f2e786cf9501e8312a23bf5dbb49ba
aarch64 nodejs-22.13.1-1.module_el8.10.0+3961+6a788e57.aarch64.rpm cbb4a94a9cc441732a454d8da79f6c68740e3d4943cbe07c08b59e3895a48ad4
noarch nodejs-docs-22.13.1-1.module_el8.10.0+3961+6a788e57.noarch.rpm 18f0b1a437341350647ac6f533cfa35dfa53fa152b0aacc27407471651497bcb
noarch nodejs-nodemon-3.0.1-1.module_el8.8.0+3613+1ed8c91d.noarch.rpm 1de153a1170baeaa24f02ebd86d32d508ac48ea9ed54e2a70c5250a81952a65b
noarch nodejs-packaging-2021.06-4.module_el8.10.0+3961+6a788e57.noarch.rpm 46dc3ddb344e0ffee7331f57a2f7b7fc674e9abd901af46cba10926f0c9b0e9d
noarch nodejs-packaging-bundler-2021.06-4.module_el8.10.0+3961+6a788e57.noarch.rpm f68cc5d7a383cbee17ad43acc466061915b2b7309b6696369168e2a3c4a7158c
ppc64le npm-10.9.2-1.22.13.1.1.module_el8.10.0+3961+6a788e57.ppc64le.rpm 1665d788e6fe43d0a760917734827334e6f056c13313513ce338284ce051840b
ppc64le v8-12.4-devel-12.4.254.21-1.22.13.1.1.module_el8.10.0+3961+6a788e57.ppc64le.rpm 37ae8b3a60dc62b6645a0b9cff70a0afc2f73bc0cb187d14c547b6a7c675a23c
ppc64le nodejs-libs-22.13.1-1.module_el8.10.0+3961+6a788e57.ppc64le.rpm 4bf748ee9bb336eb969333eb111431941e08cd62a6a6ee0fd1be2e52a38a8419
ppc64le nodejs-full-i18n-22.13.1-1.module_el8.10.0+3961+6a788e57.ppc64le.rpm 6516e7034c12818638cc12700783549b01bd2967c67d04ca9a0665f74e2d474c
ppc64le nodejs-22.13.1-1.module_el8.10.0+3961+6a788e57.ppc64le.rpm 7d3175593e5869f8165bf102de29c19d87fe18df1a038360f36a6a1d21910202
ppc64le nodejs-devel-22.13.1-1.module_el8.10.0+3961+6a788e57.ppc64le.rpm e1093a81b398fa70dffa23da573a7d190f3673bfd8a26cce9c022bc84220854e
s390x nodejs-libs-22.13.1-1.module_el8.10.0+3961+6a788e57.s390x.rpm 03e2ef2c2b37dbdf108f2eba6b2ceee0e531cf16ab5f57037c4d6827f9e1e4a7
s390x v8-12.4-devel-12.4.254.21-1.22.13.1.1.module_el8.10.0+3961+6a788e57.s390x.rpm 18da70306ebe2d4c3124decb7dec6879b3912d8fbb99f7d6b47c52c263d1f14b
s390x nodejs-22.13.1-1.module_el8.10.0+3961+6a788e57.s390x.rpm 1a1ad544cf6b03a84fa9380da5ef6354324ed1e2f6cdcfe5c577cfba576e5d17
s390x nodejs-full-i18n-22.13.1-1.module_el8.10.0+3961+6a788e57.s390x.rpm 3f6283f240ff1c6ae9da6488631ebb1046745fa0374ae91dec1be5e11b33e0e4
s390x nodejs-devel-22.13.1-1.module_el8.10.0+3961+6a788e57.s390x.rpm a21ebfae638b63508d0ca47b3d191200b143c90de61432783ba3d0e53344bb5b
s390x npm-10.9.2-1.22.13.1.1.module_el8.10.0+3961+6a788e57.s390x.rpm b3ced75dcef759e688e549c781af9f2bd4bd6bbc2c987e194f78cd41030b4201
x86_64 nodejs-devel-22.13.1-1.module_el8.10.0+3961+6a788e57.x86_64.rpm 4b9cee2a5141462cccdf6d930b93bb58b5337fb1672aa74f21caf12ad26801c2
x86_64 nodejs-full-i18n-22.13.1-1.module_el8.10.0+3961+6a788e57.x86_64.rpm 51410adab7eec0420f8676c1340cd7189c69ee48c61a9b522e851b012c2f9ee2
x86_64 v8-12.4-devel-12.4.254.21-1.22.13.1.1.module_el8.10.0+3961+6a788e57.x86_64.rpm 6e4475a118075e5f64c2e9ff3584076f95c06f11fd77b7b137264473d702716d
x86_64 nodejs-libs-22.13.1-1.module_el8.10.0+3961+6a788e57.x86_64.rpm 773f758fc2f5143b8fd5f3acc01e653bfdd43168b7c827b79d05cb0d39cc8005
x86_64 nodejs-22.13.1-1.module_el8.10.0+3961+6a788e57.x86_64.rpm 846913de1ead32e0a68511c7e382fdc8a1fe335f32c321ccdd72d060098b58f7
x86_64 npm-10.9.2-1.22.13.1.1.module_el8.10.0+3961+6a788e57.x86_64.rpm 9d032da03febd73f6ecc7b0738ccbb40679d69fd9cf2892f2a5a7d178b311572
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.