UbuntuUpdates.org

Package "nodejs"

Name: nodejs

Description:

evented I/O for V8 javascript

Latest version: 8.10.0~dfsg-2ubuntu0.2
Release: bionic (18.04)
Level: security
Repository: universe
Homepage: http://nodejs.org/

Links


Download "nodejs"


Other versions of "nodejs" in Bionic

Repository Area Version
base universe 8.10.0~dfsg-2
updates universe 8.10.0~dfsg-2ubuntu0.4
PPA: Nodejs 6.x 6.14.1-1nodesource1
PPA: Nodejs 9.x 9.11.2-1nodesource1
PPA: Nodejs 11.x 11.15.0-1nodesource1
PPA: Nodejs 8.x 8.17.0-1nodesource1
PPA: Nodejs 13.x 13.14.0-1nodesource1
PPA: Nodejs 10.x 10.24.1-1nodesource1
PPA: Nodejs 12.x 12.22.12-1nodesource1
PPA: Nodejs 14.x 14.21.3-deb-1nodesource1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 8.10.0~dfsg-2ubuntu0.2 2018-08-14 13:06:33 UTC

  nodejs (8.10.0~dfsg-2ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 DoS vulnerability
    - debian/patches/CVE-2018-7161.patch: An attacker can cause a denial of
       service (DoS) by causing a node server providing an http2 server to
       crash by triggering a cleanup bug (use after free).
    - CVE-2018-7161
  * Fix test failures due to expired certificates
    - debian/patches/regen-test-certs.patch: test: update certificates and
      private keys.

 -- Mike Salvatore <email address hidden> Thu, 09 Aug 2018 14:20:02 -0400

CVE-2018-7161 All versions of Node.js 8.x, 9.x, and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node



About   -   Send Feedback to @ubuntu_updates