SUSE-SU-2017:0431-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0431-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2017:0431-1

Related

Published

2017-02-09T10:18:00Z

Modified

2017-02-09T10:18:00Z

Summary

Security update for nodejs6

Details

This update for nodejs6 fixes the following issues:

New upstream LTS release 6.9.5.

The embedded openssl sources were updated to 1.0.2k (CVE-2017-3731, CVE-2017-3732, CVE-2016-7055, bsc#1022085, bsc#1022086, bsc#1009528)

Other fixes: - Add basic check that Node.js loads successfully to spec file

New upstream LTS release 6.9.3
- build: shared library support is now working for AIX builds
- deps/npm: upgrade npm to 3.10.10
- deps/V8: destructuring of arrow function arguments via computed property no longer throws
- inspector: /json/version returns object, not an object wrapped in an array
- module: using --debug-brk and --eval together now works as expected
- process: improve performance of nextTick up to 20%
- repl: the division operator will no longer be accidentally parsed as regex
- repl: improved support for generator functions
- timers: recanceling a cancelled timers will no longer throw
New upstream LTS version 6.9.2

References

Affected packages

SUSE:Linux Enterprise Module for Web and Scripting 12 / nodejs6

Package

Name: nodejs6
Purl: purl:rpm/suse/nodejs6&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.9.5-7.1

Ecosystem specific

{
    "binaries": [
        {
            "npm6": "6.9.5-7.1",
            "nodejs6-devel": "6.9.5-7.1",
            "nodejs6-docs": "6.9.5-7.1",
            "nodejs6": "6.9.5-7.1"
        }
    ]
}