ALSA-2025:4459

[ALSA-2025:4459] Important: nodejs:22 security update

Type:

security

Severity:

important

Release date:

2025-05-06

Description:

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.   

Security Fix(es):  

  * c-ares: c-ares has a use-after-free in read_answers() (CVE-2025-31498)
  * SQLite: integer overflow in SQLite (CVE-2025-3277)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	v8-12.4-devel-12.4.254.21-1.22.15.0.1.module_el8.10.0+3986+a908e756.aarch64.rpm	17cb30c7a9ee334ddbe499b46f1ab599586fcb3298b3e19b0e9c7db5339de395
aarch64	nodejs-full-i18n-22.15.0-1.module_el8.10.0+3986+a908e756.aarch64.rpm	1a0822af721dbb7d91218ef6ed6af03a7e2101518dfed3ba11087a579b63dcbc
aarch64	npm-10.9.2-1.22.15.0.1.module_el8.10.0+3986+a908e756.aarch64.rpm	25b1d26bdc2096926733a46c011ab36ea45dd235f208b31fc4952712c824d7b2
aarch64	nodejs-libs-22.15.0-1.module_el8.10.0+3986+a908e756.aarch64.rpm	2c505dc5f38324c7cf34690f8dfd26dedaacc007b3a9945197cddf6e62e53c19
aarch64	nodejs-22.15.0-1.module_el8.10.0+3986+a908e756.aarch64.rpm	a01892e87ae5cf27e4860aba16ba932bac8d8cd0875ec3d370a0ff6388da5b31
aarch64	nodejs-devel-22.15.0-1.module_el8.10.0+3986+a908e756.aarch64.rpm	efc03cdf4a1bfcf00cf7db13a5103eb45c4911f9572595d528f2ca90bc48424c
noarch	nodejs-docs-22.15.0-1.module_el8.10.0+3986+a908e756.noarch.rpm	1d824d782e86b23e069f169488a9622d1115d65e84b8bff2190af4685f3265c5
noarch	nodejs-packaging-2021.06-4.module_el8.10.0+3961+6a788e57.noarch.rpm	46dc3ddb344e0ffee7331f57a2f7b7fc674e9abd901af46cba10926f0c9b0e9d
noarch	nodejs-nodemon-3.0.1-1.module_el8.10.0+3983+391a1a04.noarch.rpm	53d47bcd3ba5d6d0d0045485ca1f36974f9a4fcf7250dd99e461957b5569b3bd
noarch	nodejs-packaging-bundler-2021.06-4.module_el8.10.0+3961+6a788e57.noarch.rpm	f68cc5d7a383cbee17ad43acc466061915b2b7309b6696369168e2a3c4a7158c
ppc64le	npm-10.9.2-1.22.15.0.1.module_el8.10.0+3986+a908e756.ppc64le.rpm	0faaa87425b01b0fddbf8889283637043c849793b88c4d19b3e4630b566ecba7
ppc64le	v8-12.4-devel-12.4.254.21-1.22.15.0.1.module_el8.10.0+3986+a908e756.ppc64le.rpm	3222aee9a02cca1291954d0df9f00044cae0f01333be04a62805e17d876d0a4f
ppc64le	nodejs-devel-22.15.0-1.module_el8.10.0+3986+a908e756.ppc64le.rpm	4943072bed674b24e4c12147d2ac340b6a73aca7c5954f64d0769dd00e2aa955
ppc64le	nodejs-22.15.0-1.module_el8.10.0+3986+a908e756.ppc64le.rpm	634065461f9cb12be11456d63aeab37f01c5158a1b3a44439f92ba41db801ff9
ppc64le	nodejs-libs-22.15.0-1.module_el8.10.0+3986+a908e756.ppc64le.rpm	ae3a90ef8f08582e78113f50ec764f8eb9a2d578f4eeae73fe658b9a61870ef2
ppc64le	nodejs-full-i18n-22.15.0-1.module_el8.10.0+3986+a908e756.ppc64le.rpm	ce7f121b2a5b9c6fbb7ad5d5fc4d83ebd36f0393ca78e778aba31e1213d64c63
s390x	v8-12.4-devel-12.4.254.21-1.22.15.0.1.module_el8.10.0+3986+a908e756.s390x.rpm	179f264166084b2b4bd28e4aa721179dca758cddc0d30265495d6907e7743db2
s390x	npm-10.9.2-1.22.15.0.1.module_el8.10.0+3986+a908e756.s390x.rpm	2fca4ec3c7e6231b151fdd0edebc96bf779a674e36b09bdefeb38c2272be291c
s390x	nodejs-libs-22.15.0-1.module_el8.10.0+3986+a908e756.s390x.rpm	3a8533d2cf06f32896935c79398728076b5d97fd9474e930ec51d1f51e4bed16
s390x	nodejs-devel-22.15.0-1.module_el8.10.0+3986+a908e756.s390x.rpm	aae373cf8ddb3aee98eed6100dfa7f815079b9ee7bb30e964d48b63534e8f7bc
s390x	nodejs-full-i18n-22.15.0-1.module_el8.10.0+3986+a908e756.s390x.rpm	adc37cbeeb1e689804967b75936f468bb012f230c11b767640003d11067444c4
s390x	nodejs-22.15.0-1.module_el8.10.0+3986+a908e756.s390x.rpm	d280c401e81d36a5d102b22c88e00870e7fc27ec40fa95188de52601a8fb1c20
x86_64	npm-10.9.2-1.22.15.0.1.module_el8.10.0+3986+a908e756.x86_64.rpm	23cc86798844f2a6a03879069edc93733e1643bb69e456b87e77ed513827d686
x86_64	nodejs-devel-22.15.0-1.module_el8.10.0+3986+a908e756.x86_64.rpm	62f42e6b545349e3941162141208f5aa86bbc7e1c9e0715f65275f6a4d23ba9c
x86_64	nodejs-libs-22.15.0-1.module_el8.10.0+3986+a908e756.x86_64.rpm	a60661bc41c969194c49eeb54299c8ee618a3f670277919e23ef7e849b821f7c
x86_64	v8-12.4-devel-12.4.254.21-1.22.15.0.1.module_el8.10.0+3986+a908e756.x86_64.rpm	b09aa1ba4eca54e53b496fbfadf3faf08ac1a6681f09e49724b2e893721fce0c
x86_64	nodejs-22.15.0-1.module_el8.10.0+3986+a908e756.x86_64.rpm	b126e807327001ad8e72aff42ed32ce628a456c68d4a7b6b628f26095c6acd2d
x86_64	nodejs-full-i18n-22.15.0-1.module_el8.10.0+3986+a908e756.x86_64.rpm	fe0b6b7e4520b89ed2022ae8b7d1e06039de0595b9356af0a2fa534ebb3bc815

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.