SUSE-CU-2022:3219-1: Security update of bci/nodejs

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Nov 29 09:03:27 UTC 2022 

SUSE Container Update Advisory: bci/nodejs
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:3219-1
Container Tags        : bci/node:14 , bci/node:14-35.43 , bci/nodejs:14 , bci/nodejs:14-35.43
Container Release     : 35.43
Severity              : important
Type                  : security
References            : 1205119 CVE-2022-43548 
-----------------------------------------------------------------

The container bci/nodejs was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4255-1
Released:    Mon Nov 28 12:30:26 2022
Summary:     Security update for nodejs14
Type:        security
Severity:    important
References:  1205119,CVE-2022-43548
This update for nodejs14 fixes the following issues:

- Update to 14.21.1:
- CVE-2022-43548: Fixed DNS rebinding in --inspect via invalid octal IP address (bsc#1205119).

- Update to 14.21.0:
- src: add --openssl-shared-config option

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4256-1
Released:    Mon Nov 28 12:36:32 2022
Summary:     Recommended update for gcc12
Type:        recommended
Severity:    moderate
References:  
This update for gcc12 fixes the following issues:

This update ship the GCC 12 compiler suite and its base libraries.

The compiler baselibraries are provided for all SUSE Linux Enterprise 15
versions and replace the same named GCC 11 ones.

The new compilers for C, C++, and Fortran are provided for SUSE Linux
Enterprise 15 SP3 and SP4, and provided in the 'Development Tools' module.

The Go, D and Ada language compiler parts are available unsupported via the
PackageHub repositories.

To use gcc12 compilers use:

- install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages.
- override your Makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages.

For a full changelog with all new GCC12 features, check out

	https://gcc.gnu.org/gcc-12/changes.html



The following package changes have been done:

- libgcc_s1-12.2.1+git416-150000.1.5.1 updated
- libstdc++6-12.2.1+git416-150000.1.5.1 updated
- nodejs14-14.21.1-150200.15.40.2 updated
- npm14-14.21.1-150200.15.40.2 updated
- container:sles15-image-15.0.0-27.14.21 updated

More information about the sle-security-updates mailing list