SUSE-CU-2023:1223-1: Security update of bci/nodejs

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Fri Apr 21 07:06:25 UTC 2023


SUSE Container Update Advisory: bci/nodejs
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:1223-1
Container Tags        : bci/node:16 , bci/node:16-15.36 , bci/nodejs:16 , bci/nodejs:16-15.36
Container Release     : 15.36
Severity              : important
Type                  : security
References            : 1208744 CVE-2022-25881 
-----------------------------------------------------------------

The container bci/nodejs was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1924-1
Released:    Thu Apr 20 08:58:59 2023
Summary:     Security update for nodejs16
Type:        security
Severity:    important
References:  1208744,CVE-2022-25881
This update for nodejs16 fixes the following issues:

Update to nodejs LTS version 16.20.0:

Security fixes:

 - CVE-2022-25881: Fixed ReDoS vulnerability in http-cache-semantics (bsc#1208744).

Other changes:  

 - update undici to 5.20.0
 - update c-ares to 1.19.0
 - update npm to 8.19.4


The following package changes have been done:

- nodejs16-16.20.0-150400.3.18.2 updated
- npm16-16.20.0-150400.3.18.2 updated


More information about the sle-security-updates mailing list