[ALSA-2023:5765] Important: nodejs security update
Type:
security
Severity:
important
Release date:
2023-10-17
Description:
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): * nodejs: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) A AlmaLinux Security Bulletin which addresses further details about this flaw is available in the References section. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 nodejs-full-i18n-16.20.2-3.el9_2.aarch64.rpm 35188c4d5b9aa307933eb40823729d9ec65b0edc54f5746b5e70630707bcd7a3
aarch64 nodejs-libs-16.20.2-3.el9_2.aarch64.rpm 5d59c205cc6992e3d4ace3e70a06c6ca98d1597be2d4cb44c9aeb4f02052221f
aarch64 nodejs-16.20.2-3.el9_2.aarch64.rpm 94473eb30d3760e0dd96c3a5b9188abd0cec85c09cfc56ef8d206a173f0f8e4c
aarch64 npm-8.19.4-1.16.20.2.3.el9_2.aarch64.rpm d57d4a6755bcf0b3775f5defcda9e91eaa0bcbc3a4f9b3dcdcb15c2a6f11a9e3
i686 nodejs-libs-16.20.2-3.el9_2.i686.rpm 11dbaa3c54be241e365eed756ccb9eed84b1893752f712bcdb51f553749dc9e6
noarch nodejs-docs-16.20.2-3.el9_2.noarch.rpm 0f5a5069d621f91301233c0819939ce698d99f80cd018abe7bf1c67e8cc9b50e
ppc64le nodejs-full-i18n-16.20.2-3.el9_2.ppc64le.rpm 458d678eb2d8fa9da348379629a3b1e5829bb0cc2912fa06f7e8554649b5c404
ppc64le nodejs-libs-16.20.2-3.el9_2.ppc64le.rpm 9354e30ebb6627044c3d9940342fbdcaf0e991aed2bff15f6911a78fd0ce0b71
ppc64le nodejs-16.20.2-3.el9_2.ppc64le.rpm e06eeaa0db546b03acd1c4046a5807402a9cd1e664eccef3934ce217908210b7
ppc64le npm-8.19.4-1.16.20.2.3.el9_2.ppc64le.rpm e3add72eb9e0d97d18e1515045da06daa70569259ab5d429db190bd608f650eb
s390x npm-8.19.4-1.16.20.2.3.el9_2.s390x.rpm 106b26528d38b01657a88c2e1f9cb5f371b9c247cf072a8739d70cb1faf77bb0
s390x nodejs-16.20.2-3.el9_2.s390x.rpm 1abb0413bda3a5bfc01448256632e00c9e64ef50635ef10c4af0b81a8e33c0f1
s390x nodejs-full-i18n-16.20.2-3.el9_2.s390x.rpm 6ffbdb36543defc6168e38b65e0365d83457cb055fa9941225a90ad8dbbe9dc3
s390x nodejs-libs-16.20.2-3.el9_2.s390x.rpm fd5ff6843d52e51691f06676dabdea72bcd6052e30c0a8f3a88cd9027100e868
x86_64 nodejs-full-i18n-16.20.2-3.el9_2.x86_64.rpm 79d0d6b80a3573081b824ddc60f842abdd7787af59536cded12230634b92a8b3
x86_64 nodejs-libs-16.20.2-3.el9_2.x86_64.rpm 7af8fcb0914d80bd7d233f4d567bb266f649e80b378f5453292557a3649c2c7e
x86_64 npm-8.19.4-1.16.20.2.3.el9_2.x86_64.rpm bdd26bfd0c9a398271b4df72d9f7fed545b821c9ce962659961bf387ccc553b8
x86_64 nodejs-16.20.2-3.el9_2.x86_64.rpm deacd7782ec8dab7cd6ea2c20359552dfd5b2b4648587b292c88c8f036793cdd
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.