security update in Fedora EPEL 7 for nodejs

Status: stable 7 months ago

Update to Node.js 6.16.0

Comments 8

This update has been submitted for testing by sgallagh.

hello sgallagh, thank you for your efforts! does this update only fix CVE-2018-12120 and not the other vulnerabilities from release v6.15.0? https://nodejs.org/en/blog/release/v6.15.0/

thank you, sascha

It includes everything that is fixed by 6.15.0 in Node.js. The OpenSSL-related ones are fixed by that package, as we link to the system copy rather than using the bundled version. I have it on my TODO list to process through the open CVE bugs and make sure they're closed appropriately, I just have been backlogged lately.

This update has been pushed to testing.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by sgallagh.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
Test Gating
Submitted by
Update Type
Update Severity
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Autopush (time)
submitted 8 months ago
in testing 8 months ago
in stable 7 months ago

Related Bugs 2

00 #1661014 Invalid bug number
00 #1661018 CVE-2018-12120 nodejs: Debugger port 5858 listens on any interface by default [epel-all]

Automated Test Results