obsolete

nodejs20-20.12.1-3.fc39

FEDORA-2024-91bb4ed803 created by sgallagh 10 months ago for Fedora 39

2024-04-03, Version 20.12.1 'Iron' (LTS), @RafaelGSS

This is a security release

Notable Changes

  • CVE-2024-27983 - Assertion failed in node::http2::Http2Session::\~Http2Session() leads to HTTP/2 server crash- (High)
  • CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
  • llhttp version 9.2.1
  • undici version 5.28.4

This update has been submitted for testing by sgallagh.

10 months ago

This update's test gating status has been changed to 'waiting'.

10 months ago

This update's test gating status has been changed to 'passed'.

10 months ago

This update has been pushed to testing.

10 months ago

This update has been obsoleted by nodejs20-20.12.2-1.fc39.

10 months ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-1
Stable by Karma
2
Stable by Time
7 days
Thresholds
Minimum Karma
+1
Minimum Testing
7 days
Dates
submitted
10 months ago
in testing
10 months ago
BZ#2272764 CVE-2024-27983 nodejs: CONTINUATION frames DoS
0
0
BZ#2273045 CVE-2024-27983 nodejs20: nodejs: CONTINUATION frames DoS [fedora-all]
0
0
BZ#2273542 NodeJS runs an illegal instruction on pre-x86_64-v3 hardware
0
0

Automated Test Results