Red Hat Product Errata RHSA-2024:3472 - Security Advisory
Issued:
2024-05-29
Updated:
2024-05-29

RHSA-2024:3472 - Security Advisory

Synopsis

Important: rh-nodejs14 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for rh-nodejs14-nodejs is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.

Security Fix(es):

  • rh-nodejs14-nodejs: CONTINUATION frames DoS (CVE-2024-27983)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
  • Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
  • Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
  • Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64

Fixes

  • BZ - 2272764 - CVE-2024-27983 nodejs: CONTINUATION frames DoS

Red Hat Software Collections (for RHEL Server) 1 for RHEL 7

SRPM
rh-nodejs14-nodejs-14.21.3-7.el7.src.rpm SHA-256: 18d3328200cdc2f1325bb94b64f810e3c68adb2d975ca239988c523131cb9a97
x86_64
rh-nodejs14-nodejs-14.21.3-7.el7.x86_64.rpm SHA-256: 8726d8703a0be2918b261f12172c65e3a0ec97446bb26df57fc86c9df86f55aa
rh-nodejs14-nodejs-debuginfo-14.21.3-7.el7.x86_64.rpm SHA-256: d6e0d4e4a27dbb14b7163735c76c1c09f935fd849ce33be510c4ed6d1d30db21
rh-nodejs14-nodejs-devel-14.21.3-7.el7.x86_64.rpm SHA-256: b85fdcb10731376432d2987a75fbc4e080108337e82cdd1be90f8bacd1dd497f
rh-nodejs14-nodejs-docs-14.21.3-7.el7.noarch.rpm SHA-256: 7ca0792047f74272315260ae3834e679162ff4328c6eeff26009816a4b47047e
rh-nodejs14-nodejs-full-i18n-14.21.3-7.el7.x86_64.rpm SHA-256: 32280afdcee6c175b8b1183ecfc69d489bdba93aface49880e8ec534392b0444
rh-nodejs14-npm-6.14.18-14.21.3.7.el7.x86_64.rpm SHA-256: c3f1793d37c6b6c42462ba21bd7b7eb253ba984481e993df5566f95e56fd988d

Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7

SRPM
rh-nodejs14-nodejs-14.21.3-7.el7.src.rpm SHA-256: 18d3328200cdc2f1325bb94b64f810e3c68adb2d975ca239988c523131cb9a97
s390x
rh-nodejs14-nodejs-14.21.3-7.el7.s390x.rpm SHA-256: 7920aede24126df0c91ea5b2235329a8e115c79a702b98a967c860b14380bada
rh-nodejs14-nodejs-debuginfo-14.21.3-7.el7.s390x.rpm SHA-256: 0bfa0a2a473f7bc06604e4e43b481f123f9e12d2f470db6605822160bc643db8
rh-nodejs14-nodejs-devel-14.21.3-7.el7.s390x.rpm SHA-256: fdf5e4045ea70ed0175cfc4e55b15d85e2bf9529ec534cc667c77f328d153ba1
rh-nodejs14-nodejs-docs-14.21.3-7.el7.noarch.rpm SHA-256: 7ca0792047f74272315260ae3834e679162ff4328c6eeff26009816a4b47047e
rh-nodejs14-nodejs-full-i18n-14.21.3-7.el7.s390x.rpm SHA-256: 85b639c0e0a082062dd6bad99cc6cbc66aaebb18425657a147c5b5e8d4e5aa1a
rh-nodejs14-npm-6.14.18-14.21.3.7.el7.s390x.rpm SHA-256: 472030e78d63ee1e65562d7acfbf6f8a69351868404154f395bbdc028ffedced

Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7

SRPM
rh-nodejs14-nodejs-14.21.3-7.el7.src.rpm SHA-256: 18d3328200cdc2f1325bb94b64f810e3c68adb2d975ca239988c523131cb9a97
ppc64le
rh-nodejs14-nodejs-14.21.3-7.el7.ppc64le.rpm SHA-256: e724a1c3a2dca7514768b7635a9270e3d3fd257affe0700f96933be537065484
rh-nodejs14-nodejs-debuginfo-14.21.3-7.el7.ppc64le.rpm SHA-256: cb900a7573ff271148737050a472d334035956357d585736eb605356f9b5f0d6
rh-nodejs14-nodejs-devel-14.21.3-7.el7.ppc64le.rpm SHA-256: ebf118cc6d1963a4c93ccf2a923c580455144efe201cb456244ae6fa05bdacd2
rh-nodejs14-nodejs-docs-14.21.3-7.el7.noarch.rpm SHA-256: 7ca0792047f74272315260ae3834e679162ff4328c6eeff26009816a4b47047e
rh-nodejs14-nodejs-full-i18n-14.21.3-7.el7.ppc64le.rpm SHA-256: 6f1e56543759dcdc7d94863a9eb7292d6687db749ac83a4acddbf1abb3bd63eb
rh-nodejs14-npm-6.14.18-14.21.3.7.el7.ppc64le.rpm SHA-256: fde1ccddcf0d497475ba277370852279126ab094745a151c4753f5823cb2eb85

Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7

SRPM
rh-nodejs14-nodejs-14.21.3-7.el7.src.rpm SHA-256: 18d3328200cdc2f1325bb94b64f810e3c68adb2d975ca239988c523131cb9a97
x86_64
rh-nodejs14-nodejs-14.21.3-7.el7.x86_64.rpm SHA-256: 8726d8703a0be2918b261f12172c65e3a0ec97446bb26df57fc86c9df86f55aa
rh-nodejs14-nodejs-debuginfo-14.21.3-7.el7.x86_64.rpm SHA-256: d6e0d4e4a27dbb14b7163735c76c1c09f935fd849ce33be510c4ed6d1d30db21
rh-nodejs14-nodejs-devel-14.21.3-7.el7.x86_64.rpm SHA-256: b85fdcb10731376432d2987a75fbc4e080108337e82cdd1be90f8bacd1dd497f
rh-nodejs14-nodejs-docs-14.21.3-7.el7.noarch.rpm SHA-256: 7ca0792047f74272315260ae3834e679162ff4328c6eeff26009816a4b47047e
rh-nodejs14-nodejs-full-i18n-14.21.3-7.el7.x86_64.rpm SHA-256: 32280afdcee6c175b8b1183ecfc69d489bdba93aface49880e8ec534392b0444
rh-nodejs14-npm-6.14.18-14.21.3.7.el7.x86_64.rpm SHA-256: c3f1793d37c6b6c42462ba21bd7b7eb253ba984481e993df5566f95e56fd988d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.