SUSE Container Update Advisory: bci/nodejs
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:3219-1
Container Tags        : bci/node:14 , bci/node:14-35.43 , bci/nodejs:14 , bci/nodejs:14-35.43
Container Release     : 35.43
Severity              : important
Type                  : security
References            : 1205119 CVE-2022-43548 
-----------------------------------------------------------------

The container bci/nodejs was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4255-1
Released:    Mon Nov 28 12:30:26 2022
Summary:     Security update for nodejs14
Type:        security
Severity:    important
References:  1205119,CVE-2022-43548
This update for nodejs14 fixes the following issues:

- Update to 14.21.1:
- CVE-2022-43548: Fixed DNS rebinding in --inspect via invalid octal IP address (bsc#1205119).

- Update to 14.21.0:
- src: add --openssl-shared-config option

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4256-1
Released:    Mon Nov 28 12:36:32 2022
Summary:     Recommended update for gcc12
Type:        recommended
Severity:    moderate
References:  
This update for gcc12 fixes the following issues:

This update ship the GCC 12 compiler suite and its base libraries.

The compiler baselibraries are provided for all SUSE Linux Enterprise 15
versions and replace the same named GCC 11 ones.

The new compilers for C, C++, and Fortran are provided for SUSE Linux
Enterprise 15 SP3 and SP4, and provided in the 'Development Tools' module.

The Go, D and Ada language compiler parts are available unsupported via the
PackageHub repositories.

To use gcc12 compilers use:

- install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages.
- override your Makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages.

For a full changelog with all new GCC12 features, check out

	https://gcc.gnu.org/gcc-12/changes.html



The following package changes have been done:

- libgcc_s1-12.2.1+git416-150000.1.5.1 updated
- libstdc++6-12.2.1+git416-150000.1.5.1 updated
- nodejs14-14.21.1-150200.15.40.2 updated
- npm14-14.21.1-150200.15.40.2 updated
- container:sles15-image-15.0.0-27.14.21 updated

SUSE: 2022:3219-1 bci/nodejs Security Update

November 29, 2022
The container bci/nodejs was updated

Summary

Advisory ID: SUSE-SU-2022:4255-1 Released: Mon Nov 28 12:30:26 2022 Summary: Security update for nodejs14 Type: security Severity: important Advisory ID: SUSE-RU-2022:4256-1 Released: Mon Nov 28 12:36:32 2022 Summary: Recommended update for gcc12 Type: recommended Severity: moderate

References

References : 1205119 CVE-2022-43548

1205119,CVE-2022-43548

This update for nodejs14 fixes the following issues:

- Update to 14.21.1:

- CVE-2022-43548: Fixed DNS rebinding in --inspect via invalid octal IP address (bsc#1205119).

- Update to 14.21.0:

- src: add --openssl-shared-config option

This update for gcc12 fixes the following issues:

This update ship the GCC 12 compiler suite and its base libraries.

The compiler baselibraries are provided for all SUSE Linux Enterprise 15

versions and replace the same named GCC 11 ones.

The new compilers for C, C++, and Fortran are provided for SUSE Linux

Enterprise 15 SP3 and SP4, and provided in the 'Development Tools' module.

The Go, D and Ada language compiler parts are available unsupported via the

PackageHub repositories.

To use gcc12 compilers use:

- install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages.

- override your Makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages.

For a full changelog with all new GCC12 features, check out

https://gcc.gnu.org/gcc-12/changes.html

The following package changes have been done:

- libgcc_s1-12.2.1+git416-150000.1.5.1 updated

- libstdc++6-12.2.1+git416-150000.1.5.1 updated

- nodejs14-14.21.1-150200.15.40.2 updated

- npm14-14.21.1-150200.15.40.2 updated

- container:sles15-image-15.0.0-27.14.21 updated

Severity
Container Advisory ID : SUSE-CU-2022:3219-1
Container Tags : bci/node:14 , bci/node:14-35.43 , bci/nodejs:14 , bci/nodejs:14-35.43
Container Release : 35.43
Severity : important
Type : security

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved