ALSA-2025:8468

[ALSA-2025:8468] Important: nodejs:20 security update

Type:

security

Severity:

important

Release date:

2025-06-05

Description:

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.   

Security Fix(es):  

  * nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js (CVE-2025-23166)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	npm-10.8.2-1.20.19.2.1.module_el9.6.0+169+c9cb05c2.aarch64.rpm	03963feb0b08ecf940531622bdfd03b91951cbbd7fe06e543625bd335186b55e
aarch64	nodejs-full-i18n-20.19.2-1.module_el9.6.0+169+c9cb05c2.aarch64.rpm	299abac228c783c3f7d4c010319c65479dad941b43d58a26ece8d9e75f58ce35
aarch64	nodejs-devel-20.19.2-1.module_el9.6.0+169+c9cb05c2.aarch64.rpm	31d0c5ac3d94cef3631ec1d38bb5c1df6c0130e370682a557b0e6d20e60d37b5
aarch64	nodejs-20.19.2-1.module_el9.6.0+169+c9cb05c2.aarch64.rpm	a273b1893a689c3fd3a8257c2ceea46a85db3dfd6f84b454d7366925a7222a0e
noarch	nodejs-nodemon-3.0.1-1.module_el9.5.0+125+8dc38870.noarch.rpm	572b82ee164b85ffef41f974897332716b428e341e262a4ccdd71a9c87312648
noarch	nodejs-packaging-2021.06-4.module_el9.6.0+162+8dc602e5.noarch.rpm	6197cdbcfccc2266f0d5e47e8b739375ef169fae31d46948b204964782b971f1
noarch	nodejs-docs-20.19.2-1.module_el9.6.0+169+c9cb05c2.noarch.rpm	7cb015453402ce4793c1f94bf1a42248f44f3b10d6c18bd510973bc44ef767eb
noarch	nodejs-packaging-bundler-2021.06-4.module_el9.6.0+162+8dc602e5.noarch.rpm	8672933a8a01356064a9acc4450fbb8322915abb9f7a09bb4979cc9c3695dfcf
ppc64le	nodejs-devel-20.19.2-1.module_el9.6.0+169+c9cb05c2.ppc64le.rpm	540cef9e3be46d6e69e1c077adef281671be6f21ad589f054e21a86c53d3fe48
ppc64le	nodejs-20.19.2-1.module_el9.6.0+169+c9cb05c2.ppc64le.rpm	70f5e92cf3f79a393588fb47c96044cd172e128951ee64dac0459a5e2d523df6
ppc64le	nodejs-full-i18n-20.19.2-1.module_el9.6.0+169+c9cb05c2.ppc64le.rpm	a7b2a9bc88798b8c68f920762fbeeaf29c7750418bef5fc103841e2ea68731fa
ppc64le	npm-10.8.2-1.20.19.2.1.module_el9.6.0+169+c9cb05c2.ppc64le.rpm	d11b6e0d14b34eb2236b46ddf9286434b28a161222da59abdae0b1138f6a58fa
s390x	nodejs-full-i18n-20.19.2-1.module_el9.6.0+169+c9cb05c2.s390x.rpm	0c5a093ea5de4ca0f122958e4ca12efb2ee41cd3737b83c1807e75763f2d6af3
s390x	npm-10.8.2-1.20.19.2.1.module_el9.6.0+169+c9cb05c2.s390x.rpm	bde135bfa9b587c83d9e5895b032be4c5514e39d82f072fab689ef27d20f4807
s390x	nodejs-devel-20.19.2-1.module_el9.6.0+169+c9cb05c2.s390x.rpm	c1fef6e38abf7c3ecf3f73985f43d63e2b9b54ecc44a187b02ddd2c3d85cb9b2
s390x	nodejs-20.19.2-1.module_el9.6.0+169+c9cb05c2.s390x.rpm	e7affedcc657bead6f44fe78f61b2d63e248c5dde656bd0701cc91fb7130b352
x86_64	npm-10.8.2-1.20.19.2.1.module_el9.6.0+169+c9cb05c2.x86_64.rpm	7aa4eef10e8c54338b54983877c9cae0f83cdb4ba0eadafa377b379720c0fd08
x86_64	nodejs-20.19.2-1.module_el9.6.0+169+c9cb05c2.x86_64.rpm	82e00f4abdc160adc748446d7e804108af946ba11d26fc587d1c5b78d863027c
x86_64	nodejs-devel-20.19.2-1.module_el9.6.0+169+c9cb05c2.x86_64.rpm	c7b40936cd0cf18aabbc6bb65457613fa84f95e09d9eec1afa9270c2789776d9
x86_64	nodejs-full-i18n-20.19.2-1.module_el9.6.0+169+c9cb05c2.x86_64.rpm	deab3a07c9511d9764ea56be5b0ab8a1e73f5f3c50bb078090ce9a4306b18c48

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.