FEDORA-MODULAR-2019-3425d6b6f7 — security update for nodejs:10

stable

nodejs-10-3020190816104510.a5b0195c

FEDORA-MODULAR-2019-3425d6b6f7 created by sgallagh 3 years ago for Fedora 30 Modular

Update to Node.js 10.6.13

This update has been submitted for testing by sgallagh.

3 years ago

This update's test gating status has been changed to 'waiting'.

3 years ago

This update's test gating status has been changed to 'ignored'.

3 years ago

This update has been pushed to testing.

3 years ago

This update can be pushed to stable now if the maintainer wishes

3 years ago

This update has been submitted for stable by bodhi.

3 years ago

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

Module

Test Gating

ignored

Builds

nodejs-10-3020190816104510.a5b0195c

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

3 years ago

in testing

3 years ago

in stable

3 years ago

BZ#1741962 CVE-2019-9512 nodejs: http/2: HTTP/2 flood using PING frames results in unbounded memory growth [fedora-all]

BZ#1741964 CVE-2019-9514 nodejs: http/2: HTTP/2 flood using HEADERS frames results in unbounded memory growth [fedora-all]

BZ#1741967 CVE-2019-9513 nodejs: HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption [fedora-all]

BZ#1741968 CVE-2019-9515 nodejs: http/2: HTTP/2 flood using SETTINGS frames results in unbounded memory growth [fedora-all]

BZ#1741969 CVE-2019-9518 nodejs: HTTP/2: flood using empty frames results in excessive resources consumption [fedora-all]

BZ#1741974 CVE-2019-9517 nodejs: HTTP/2: request for large response leads to denial of service [fedora-all]

BZ#1741979 CVE-2019-9516 nodejs: HTTP/2: 0-length headers leads to denial of service [fedora-all]

nodejs-10-3020190816104510.a5b0195c

Automated Test Results

ignored