Forum: >>> Magnum BBS <<<

[SECURITY] [DSA 5170-1] nodejs security update

From Moritz Muehlenhoff@21:1/5 to All on Mon Jun 27 20:50:01 2022

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------- Debian Security Advisory DSA-5170-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
June 27, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : nodejs
CVE ID : CVE-2021-22959 CVE-2021-22960 CVE-2021-44532 CVE-2021-44533
CVE-2022-21824 CVE-2021-44531

Multiple vulnerabilities were discovered in Node.js, which could result in
HTTP request smuggling, a bypass of certificate verification or prototype pollution.

For the stable distribution (bullseye), these problems have been fixed in version 12.22.12~dfsg-1~deb11u1.

We recommend that you upgrade your nodejs packages.

For the detailed security status of nodejs please refer to
its security tracker page at: https://security-tracker.debian.org/tracker/nodejs

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmK5+foACgkQEMKTtsN8 TjbGrg/+PU+oRJ5ARjKwXR1aCdxMvhdzanyaAP7nVeo+iHQwl+13U958e9TpadqX 5gBmmlkWM7vcHHr5Anw6gGptF5L2NTj/Hid4SDFswNLCzqbIm9eIl0FFg2n7ilGD ISZtXEV089UUzCSat1Nk3A7eq3ShESWciFhHkwhejZKzcTJgbzAPFbZSazOfYaXP JREl8OnFg9WWO27gj/zkjHhsG/ZPgJjoGagSfpIuEx3KL/KOiG3eJmJtjS68RVTF D6Zg6P8iFmQLy/PKZycPXEm5Jp5Zrtan4N6yJl3EHFdjcJTJSmCZy0HlLL97eRle kVQI5/KgH9Ev1VYPycOg+cPPaBDLpoFO7OtzhZLmq4/IUsEKHOMeNTKZQWYXjDzl nLANjnHGt7pfw2poXRgblzSikJHiAurJRGarP4k0ebGyy8B6nKrQUlgDI0u4y48z JiqsP95mwCvwFlrjxSTjG5R7AsEuszytqejyxeg5qqkkQKSONsLj02Eav+QqInUS D9dHEl4eoBx529Fu3ZWBfTxe4avxFm/HDw2FJDxz0ciP7S/H0+5TyFwym3tmQpY8 pXD49bVCoE5my4JeDEhpZp1YrsQFTv3RUqqLp3T1uUlsdON4Jz3RP4WX4dzIRte+ fJO6fg+26+h7VykuyWSKYYEyFy1dDmGypc93KfNMrU75BztQpsI=
=ELbx
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Who's Online
Recent Visitors
- Guest
  Wed Jan 15 02:17:27 2025
  from /bin/busybox Cat /proc/self/ex via Raw
- Keyop
  Tue Jan 14 23:13:56 2025
  from Huddersfield, West Yorkshire via SSH
- Bob Worm
  Tue Jan 14 21:42:40 2025
  from Wales, Uk via Telnet
- Guest
  Tue Jan 14 09:13:19 2025
  from /bin/busybox Cat /proc/self/ex via Raw
- Bob Worm
  Tue Jan 14 07:58:29 2025
  from Wales, Uk via Telnet
- Guest
  Tue Jan 14 07:27:58 2025
  from /bin/busybox Cat /proc/self/ex via Raw
- Guest
  Tue Jan 14 02:15:49 2025
  from /bin/busybox Cat /proc/self/ex via Raw
- Johnnyv
  Mon Jan 13 21:20:17 2025
  from Bilbao, Spain via Raw

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	399
Nodes:	16 (2 / 14)
Uptime:	96:49:12
Calls:	8,362
Calls today:	1
Files:	13,162
Messages:	5,897,638

[SECURITY] [DSA 5170-1] nodejs security update

Who's Online

Recent Visitors

System Info