FEDORA-EPEL-2019-a6100f3df6

security update in Fedora EPEL 7 for nodejs

Status: testing 9 days ago

Update to Node.js 6.16.0

Comments 4

This update has been submitted for testing by sgallagh.

hello sgallagh, thank you for your efforts! does this update only fix CVE-2018-12120 and not the other vulnerabilities from release v6.15.0? https://nodejs.org/en/blog/release/v6.15.0/

thank you, sascha

It includes everything that is fixed by 6.15.0 in Node.js. The OpenSSL-related ones are fixed by that package, as we link to the system copy rather than using the bundled version. I have it on my TODO list to process through the open CVE bugs and make sure they're closed appropriately, I just have been backlogged lately.

This update has been pushed to testing.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1661014 Invalid bug number
#1661018 CVE-2018-12120 nodejs: Debugger port 5858 listens on any interface by default [epel-all]
Content Type
RPM
Status
testing
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 10 days ago
in testing 9 days ago
days to stable 5

Related Bugs 2

00 #1661014 Invalid bug number
00 #1661018 CVE-2018-12120 nodejs: Debugger port 5858 listens on any interface by default [epel-all]

Automated Test Results