Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:Update
patchinfo.12312
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.12312
<patchinfo incident="12312"> <issue tracker="bnc" id="1146099">VUL-0: CVE-2019-9512: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2: flood using PING frames results in unbounded memory growth</issue> <issue tracker="bnc" id="1146094">VUL-1: CVE-2019-9513: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2 implementation is vulnerable to resource loops, potentially leading to a denial of service.</issue> <issue tracker="bnc" id="1146095">VUL-0: CVE-2019-9514: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2 implementation is vulnerable to a reset flood, potentially leading to a denial of service</issue> <issue tracker="bnc" id="1146097">VUL-0: CVE-2019-9517: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2 implementations are vulnerable to unconstrained interal data buffering</issue> <issue tracker="bnc" id="1146090">VUL-0: CVE-2019-9516: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2 implementation is vulnerable to a header leak, potentially leading to a denial of service</issue> <issue tracker="bnc" id="1146091">VUL-0: CVE-2019-9511: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service</issue> <issue tracker="bnc" id="1146093">VUL-0: CVE-2019-9518: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2 implementation is vulnerable to a flood of empty frames, potentially leading to a denial of service</issue> <issue tracker="bnc" id="1146100">VUL-0: CVE-2019-9515: nodejs4,nodejs6,nodejs8,nodejs10,nodejs: HTTP/2: flood using SETTINGS frames results in unbounded memory growth</issue> <issue tracker="cve" id="2019-9518"/> <issue tracker="cve" id="2019-9515"/> <issue tracker="cve" id="2019-9514"/> <issue tracker="cve" id="2019-9517"/> <issue tracker="cve" id="2019-9516"/> <issue tracker="cve" id="2019-9511"/> <issue tracker="cve" id="2019-9513"/> <issue tracker="cve" id="2019-9512"/> <category>security</category> <rating>important</rating> <packager>adamm</packager> <description>This update for nodejs10 to version 10.16.3 fixes the following issues: Security issues fixed: - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#1146091). - CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded memory growth (bsc#1146099). - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service. (bsc#1146094). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146095). - CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in unbounded memory growth (bsc#1146100). - CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a header leak, potentially leading to a denial of service (bsc#1146090). - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering (bsc#1146097). - CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood of empty frames, potentially leading to a denial of service (bsc#1146093). </description> <summary>Security update for nodejs10</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor