ALSA-2025:7426

[ALSA-2025:7426] Moderate: nodejs:20 security update

Type:

security

Severity:

moderate

Release date:

2025-07-02

Description:

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.   

Security Fix(es):  

  * c-ares: c-ares has a use-after-free in read_answers() (CVE-2025-31498)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	nodejs-20.19.1-1.module_el9.6.0+163+d268fe53.aarch64.rpm	2abbd6aa3bad6f236663023507d87010c9f530c89b55cc953ff6034d78922020
aarch64	nodejs-full-i18n-20.19.1-1.module_el9.6.0+163+d268fe53.aarch64.rpm	5aa2e0938c672b6f5254ce336d23b45ac635ffd9bb7ae7fdbfb7011c127b1f9f
aarch64	nodejs-devel-20.19.1-1.module_el9.6.0+163+d268fe53.aarch64.rpm	9712ccf3852577ddbc89b8b743a8024e71d59b3db6dc5cd08295bc04a1b59d91
aarch64	npm-10.8.2-1.20.19.1.1.module_el9.6.0+163+d268fe53.aarch64.rpm	dbf0f44e25009fd429627c054d9fbf253670d1359b0c8b795c7028fab3dcfaa9
noarch	nodejs-nodemon-3.0.1-1.module_el9.5.0+125+8dc38870.noarch.rpm	572b82ee164b85ffef41f974897332716b428e341e262a4ccdd71a9c87312648
noarch	nodejs-packaging-2021.06-4.module_el9.6.0+162+8dc602e5.noarch.rpm	6197cdbcfccc2266f0d5e47e8b739375ef169fae31d46948b204964782b971f1
noarch	nodejs-docs-20.19.1-1.module_el9.6.0+163+d268fe53.noarch.rpm	65089a5aa3fab3affc41821e4dce9ae1e28d5b1f0b194fd80e7e08982e057ff0
noarch	nodejs-packaging-bundler-2021.06-4.module_el9.6.0+162+8dc602e5.noarch.rpm	8672933a8a01356064a9acc4450fbb8322915abb9f7a09bb4979cc9c3695dfcf
ppc64le	nodejs-full-i18n-20.19.1-1.module_el9.6.0+163+d268fe53.ppc64le.rpm	6fdf140f0ccff7dd26cd2ad2b67882a68f79e70a1a5f1fa24c188a4308fd360f
ppc64le	npm-10.8.2-1.20.19.1.1.module_el9.6.0+163+d268fe53.ppc64le.rpm	c611f23438feb602f1facc615943cfe022fbe5bf4038b35d4cd91afec960e416
ppc64le	nodejs-devel-20.19.1-1.module_el9.6.0+163+d268fe53.ppc64le.rpm	d541b6d156d9632a17c653999ef8495fa2f5053919f08ca0ca1af944c0503170
ppc64le	nodejs-20.19.1-1.module_el9.6.0+163+d268fe53.ppc64le.rpm	e066c053d300e5473a3f03d5bd153c2e343613f636df8c3bed3d65b7f3d7a262
s390x	nodejs-devel-20.19.1-1.module_el9.6.0+163+d268fe53.s390x.rpm	1c9068375f3fb612d6f7631e1fad66cfc9af7d4a3dda32bc5483c804324f4c6c
s390x	nodejs-full-i18n-20.19.1-1.module_el9.6.0+163+d268fe53.s390x.rpm	b7e2e337413d32d8d8a4d4e08919225429ebd8f16fbbd18ab9a1ae7e707553b5
s390x	npm-10.8.2-1.20.19.1.1.module_el9.6.0+163+d268fe53.s390x.rpm	e2876bb2948122b9c56a61ab827987a43f3e84a148195ea97d5ab2068da3eb18
s390x	nodejs-20.19.1-1.module_el9.6.0+163+d268fe53.s390x.rpm	e9db8c4600922b0f1fac0fbcd779bdde3b7479a6a455fb12f2928f1cd88bcf30
x86_64	nodejs-full-i18n-20.19.1-1.module_el9.6.0+163+d268fe53.x86_64.rpm	15da0b4bb6301b7aa2989464809318f84a74cb2e2a2575db71a09ecf333abb27
x86_64	nodejs-devel-20.19.1-1.module_el9.6.0+163+d268fe53.x86_64.rpm	6dcd5ef074a7ce000e07e1a9716b3953373ce315419d7d75c8cc13feaeb0d346
x86_64	npm-10.8.2-1.20.19.1.1.module_el9.6.0+163+d268fe53.x86_64.rpm	8568ffb338e66cc75c7a9ea2e43c5a882b2a2db8e544445312c057f4f0ef7ad4
x86_64	nodejs-20.19.1-1.module_el9.6.0+163+d268fe53.x86_64.rpm	c6784bfdddc468ed4597e3320470521ac2aa005ef814ffc5663f46358c5fa1ee

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.