- Issued:
- 2024-07-08
- Updated:
- 2024-07-08
RHSA-2024:4353 - Security Advisory
Synopsis
Important: nodejs:16 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for the nodejs:16 package is now available for Red Hat Enterprise
Linux 8.8 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Description
Node.js is a software development platform for building fast and scalable
network applications in the JavaScript programming language.
Security Fix(es):
- nodejs/16: CONTINUATION frames DoS (CVE-2024-27983)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.8 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
Fixes
- BZ - 2272764 - CVE-2024-27983 nodejs: CONTINUATION frames DoS
CVEs
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8
| SRPM | |
|---|---|
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.src.rpm | SHA-256: d0c6cdb460f20a448774850a3455c51b6dff353d9935f2c8129953ee0ed0ecfa |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.src.rpm | SHA-256: 1ebdeeae6ca30c544104124b1580cdf52905cbb6269972278de2d2207ce61d10 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.src.rpm | SHA-256: bdaf873380ef1e8cbba260408de061175ffdcb1954e05be0dbc220e1d1036f7c |
| x86_64 | |
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: 781bad5b0d6095740d8da1069db2153d78339121ce09bd71bf1b4cf85d976bc3 |
| nodejs-debuginfo-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: 088ec4f2c98500efa14b06cea8b6330e7fb6e5f298df61dad85314848f184342 |
| nodejs-debugsource-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: a44a72eb1785b56cfd48a717bde2ae39be5a7b6ade20d71c5b99e51267257c4e |
| nodejs-devel-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: f48fa0ee2356185286a785be1768a0b85ffbce6cc0df66d78e746cc9b5505ce3 |
| nodejs-docs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.noarch.rpm | SHA-256: 19f7407fc04b69e465c0d3257967a6e33ddcc0f47d441a194307d70fc0c25fb6 |
| nodejs-full-i18n-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: 10477eca3f15eb338323bebe30461f4d314f0b4f835f7b3553fb00755cae9a86 |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.noarch.rpm | SHA-256: a7d7a59963cc746d52f470b2c7c8cc2f50b9abc684071aa205d4faff1e1c8522 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.noarch.rpm | SHA-256: bd77288c2950311aaf1582c74e408acbb765d9aca00f089f449649762de12bdb |
| npm-8.19.4-1.16.20.2.4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: 22f3f9ac6aee83a6876cba320df6d9d9125e7abf51137e0af3808a5a36fb865e |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8
| SRPM | |
|---|---|
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.src.rpm | SHA-256: d0c6cdb460f20a448774850a3455c51b6dff353d9935f2c8129953ee0ed0ecfa |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.src.rpm | SHA-256: 1ebdeeae6ca30c544104124b1580cdf52905cbb6269972278de2d2207ce61d10 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.src.rpm | SHA-256: bdaf873380ef1e8cbba260408de061175ffdcb1954e05be0dbc220e1d1036f7c |
| s390x | |
| nodejs-docs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.noarch.rpm | SHA-256: 19f7407fc04b69e465c0d3257967a6e33ddcc0f47d441a194307d70fc0c25fb6 |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.noarch.rpm | SHA-256: a7d7a59963cc746d52f470b2c7c8cc2f50b9abc684071aa205d4faff1e1c8522 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.noarch.rpm | SHA-256: bd77288c2950311aaf1582c74e408acbb765d9aca00f089f449649762de12bdb |
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.s390x.rpm | SHA-256: 87fe68f311dd9082c2938aea065badf1c3248bb22e06ec94567c2f899ebe0e59 |
| nodejs-debuginfo-16.20.2-4.module+el8.8.0+21791+70c4808d.1.s390x.rpm | SHA-256: 424ba632fd12bfea51d044023acc8a6744c21afafe677453e00b5faf5e934e5f |
| nodejs-debugsource-16.20.2-4.module+el8.8.0+21791+70c4808d.1.s390x.rpm | SHA-256: 80877b578e33a08afc697b270e23c9294de0ad43c87c94071c88ddb4413d959c |
| nodejs-devel-16.20.2-4.module+el8.8.0+21791+70c4808d.1.s390x.rpm | SHA-256: d52a0fc812916f0965282e4818d402c8a5e491d12787e5f4fe5991e363f3177f |
| nodejs-full-i18n-16.20.2-4.module+el8.8.0+21791+70c4808d.1.s390x.rpm | SHA-256: 23964f12eaf81ca954860b266bf1c17ca28f04e8bf09572b4e388b2bec2874b1 |
| npm-8.19.4-1.16.20.2.4.module+el8.8.0+21791+70c4808d.1.s390x.rpm | SHA-256: cdecd4e7e9d83dc1b5545aed1ecb79356ce6923b914813cadd93be0d1aa60183 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8
| SRPM | |
|---|---|
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.src.rpm | SHA-256: d0c6cdb460f20a448774850a3455c51b6dff353d9935f2c8129953ee0ed0ecfa |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.src.rpm | SHA-256: 1ebdeeae6ca30c544104124b1580cdf52905cbb6269972278de2d2207ce61d10 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.src.rpm | SHA-256: bdaf873380ef1e8cbba260408de061175ffdcb1954e05be0dbc220e1d1036f7c |
| ppc64le | |
| nodejs-docs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.noarch.rpm | SHA-256: 19f7407fc04b69e465c0d3257967a6e33ddcc0f47d441a194307d70fc0c25fb6 |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.noarch.rpm | SHA-256: a7d7a59963cc746d52f470b2c7c8cc2f50b9abc684071aa205d4faff1e1c8522 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.noarch.rpm | SHA-256: bd77288c2950311aaf1582c74e408acbb765d9aca00f089f449649762de12bdb |
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.ppc64le.rpm | SHA-256: f85ed808f00c895a3b896ce8ff1ec34364e6eaef4294333143a45eb8cb154495 |
| nodejs-debuginfo-16.20.2-4.module+el8.8.0+21791+70c4808d.1.ppc64le.rpm | SHA-256: 11a625a271f58c8196a7ad6942b613220becda3250d3771987ebd0bd09236e4d |
| nodejs-debugsource-16.20.2-4.module+el8.8.0+21791+70c4808d.1.ppc64le.rpm | SHA-256: 85c52c01030a5168fa9e54c28b441b1fabf7d90914fcd24e015503680b193c06 |
| nodejs-devel-16.20.2-4.module+el8.8.0+21791+70c4808d.1.ppc64le.rpm | SHA-256: 696c2c5d9ebb9745d49b9d9c99a35c5451f26a4a6425e669af7c8299e32a86e9 |
| nodejs-full-i18n-16.20.2-4.module+el8.8.0+21791+70c4808d.1.ppc64le.rpm | SHA-256: 18a3ad308bd62bd9754972da240ee74476368f89f61d1b140e00ce56f3e08f7e |
| npm-8.19.4-1.16.20.2.4.module+el8.8.0+21791+70c4808d.1.ppc64le.rpm | SHA-256: b31eea04dd260d8dbc96745ff5bb705dfa2f5a1cedc3842a5668c13339691ccb |
Red Hat Enterprise Linux Server - TUS 8.8
| SRPM | |
|---|---|
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.src.rpm | SHA-256: d0c6cdb460f20a448774850a3455c51b6dff353d9935f2c8129953ee0ed0ecfa |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.src.rpm | SHA-256: 1ebdeeae6ca30c544104124b1580cdf52905cbb6269972278de2d2207ce61d10 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.src.rpm | SHA-256: bdaf873380ef1e8cbba260408de061175ffdcb1954e05be0dbc220e1d1036f7c |
| x86_64 | |
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: 781bad5b0d6095740d8da1069db2153d78339121ce09bd71bf1b4cf85d976bc3 |
| nodejs-debuginfo-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: 088ec4f2c98500efa14b06cea8b6330e7fb6e5f298df61dad85314848f184342 |
| nodejs-debugsource-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: a44a72eb1785b56cfd48a717bde2ae39be5a7b6ade20d71c5b99e51267257c4e |
| nodejs-devel-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: f48fa0ee2356185286a785be1768a0b85ffbce6cc0df66d78e746cc9b5505ce3 |
| nodejs-docs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.noarch.rpm | SHA-256: 19f7407fc04b69e465c0d3257967a6e33ddcc0f47d441a194307d70fc0c25fb6 |
| nodejs-full-i18n-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: 10477eca3f15eb338323bebe30461f4d314f0b4f835f7b3553fb00755cae9a86 |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.noarch.rpm | SHA-256: a7d7a59963cc746d52f470b2c7c8cc2f50b9abc684071aa205d4faff1e1c8522 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.noarch.rpm | SHA-256: bd77288c2950311aaf1582c74e408acbb765d9aca00f089f449649762de12bdb |
| npm-8.19.4-1.16.20.2.4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: 22f3f9ac6aee83a6876cba320df6d9d9125e7abf51137e0af3808a5a36fb865e |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8
| SRPM | |
|---|---|
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.src.rpm | SHA-256: d0c6cdb460f20a448774850a3455c51b6dff353d9935f2c8129953ee0ed0ecfa |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.src.rpm | SHA-256: 1ebdeeae6ca30c544104124b1580cdf52905cbb6269972278de2d2207ce61d10 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.src.rpm | SHA-256: bdaf873380ef1e8cbba260408de061175ffdcb1954e05be0dbc220e1d1036f7c |
| aarch64 | |
| nodejs-docs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.noarch.rpm | SHA-256: 19f7407fc04b69e465c0d3257967a6e33ddcc0f47d441a194307d70fc0c25fb6 |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.noarch.rpm | SHA-256: a7d7a59963cc746d52f470b2c7c8cc2f50b9abc684071aa205d4faff1e1c8522 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.noarch.rpm | SHA-256: bd77288c2950311aaf1582c74e408acbb765d9aca00f089f449649762de12bdb |
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.aarch64.rpm | SHA-256: 4bcc957257974a3656c762faeb345f08185edbe0434e697e13f531bd6b9ce72b |
| nodejs-debuginfo-16.20.2-4.module+el8.8.0+21791+70c4808d.1.aarch64.rpm | SHA-256: e377cbabf64355dc5c859764d1f82acfac2a61677a9a55ac0e6190b9ef27797c |
| nodejs-debugsource-16.20.2-4.module+el8.8.0+21791+70c4808d.1.aarch64.rpm | SHA-256: b219b47f58b9ccb0c600f2c60282bd6f0c54306b5c6671f0e13a1b98b39a54eb |
| nodejs-devel-16.20.2-4.module+el8.8.0+21791+70c4808d.1.aarch64.rpm | SHA-256: 04f056a4953d684aca384dd581fbcf99b8c0158c7f8d70f65d8a829024da17b9 |
| nodejs-full-i18n-16.20.2-4.module+el8.8.0+21791+70c4808d.1.aarch64.rpm | SHA-256: 438ebd3e78a99c97ed15fc8c322afdd41667d5b3618efc60e29c5719f3353430 |
| npm-8.19.4-1.16.20.2.4.module+el8.8.0+21791+70c4808d.1.aarch64.rpm | SHA-256: a2d6919fc50b5f6ff6b5c1998924172614cd0f8d37196c2a6504f241318c7e76 |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8
| SRPM | |
|---|---|
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.src.rpm | SHA-256: d0c6cdb460f20a448774850a3455c51b6dff353d9935f2c8129953ee0ed0ecfa |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.src.rpm | SHA-256: 1ebdeeae6ca30c544104124b1580cdf52905cbb6269972278de2d2207ce61d10 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.src.rpm | SHA-256: bdaf873380ef1e8cbba260408de061175ffdcb1954e05be0dbc220e1d1036f7c |
| ppc64le | |
| nodejs-docs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.noarch.rpm | SHA-256: 19f7407fc04b69e465c0d3257967a6e33ddcc0f47d441a194307d70fc0c25fb6 |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.noarch.rpm | SHA-256: a7d7a59963cc746d52f470b2c7c8cc2f50b9abc684071aa205d4faff1e1c8522 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.noarch.rpm | SHA-256: bd77288c2950311aaf1582c74e408acbb765d9aca00f089f449649762de12bdb |
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.ppc64le.rpm | SHA-256: f85ed808f00c895a3b896ce8ff1ec34364e6eaef4294333143a45eb8cb154495 |
| nodejs-debuginfo-16.20.2-4.module+el8.8.0+21791+70c4808d.1.ppc64le.rpm | SHA-256: 11a625a271f58c8196a7ad6942b613220becda3250d3771987ebd0bd09236e4d |
| nodejs-debugsource-16.20.2-4.module+el8.8.0+21791+70c4808d.1.ppc64le.rpm | SHA-256: 85c52c01030a5168fa9e54c28b441b1fabf7d90914fcd24e015503680b193c06 |
| nodejs-devel-16.20.2-4.module+el8.8.0+21791+70c4808d.1.ppc64le.rpm | SHA-256: 696c2c5d9ebb9745d49b9d9c99a35c5451f26a4a6425e669af7c8299e32a86e9 |
| nodejs-full-i18n-16.20.2-4.module+el8.8.0+21791+70c4808d.1.ppc64le.rpm | SHA-256: 18a3ad308bd62bd9754972da240ee74476368f89f61d1b140e00ce56f3e08f7e |
| npm-8.19.4-1.16.20.2.4.module+el8.8.0+21791+70c4808d.1.ppc64le.rpm | SHA-256: b31eea04dd260d8dbc96745ff5bb705dfa2f5a1cedc3842a5668c13339691ccb |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8
| SRPM | |
|---|---|
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.src.rpm | SHA-256: d0c6cdb460f20a448774850a3455c51b6dff353d9935f2c8129953ee0ed0ecfa |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.src.rpm | SHA-256: 1ebdeeae6ca30c544104124b1580cdf52905cbb6269972278de2d2207ce61d10 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.src.rpm | SHA-256: bdaf873380ef1e8cbba260408de061175ffdcb1954e05be0dbc220e1d1036f7c |
| x86_64 | |
| nodejs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: 781bad5b0d6095740d8da1069db2153d78339121ce09bd71bf1b4cf85d976bc3 |
| nodejs-debuginfo-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: 088ec4f2c98500efa14b06cea8b6330e7fb6e5f298df61dad85314848f184342 |
| nodejs-debugsource-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: a44a72eb1785b56cfd48a717bde2ae39be5a7b6ade20d71c5b99e51267257c4e |
| nodejs-devel-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: f48fa0ee2356185286a785be1768a0b85ffbce6cc0df66d78e746cc9b5505ce3 |
| nodejs-docs-16.20.2-4.module+el8.8.0+21791+70c4808d.1.noarch.rpm | SHA-256: 19f7407fc04b69e465c0d3257967a6e33ddcc0f47d441a194307d70fc0c25fb6 |
| nodejs-full-i18n-16.20.2-4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: 10477eca3f15eb338323bebe30461f4d314f0b4f835f7b3553fb00755cae9a86 |
| nodejs-nodemon-3.0.1-1.module+el8.8.0+19764+7eed1ca3.noarch.rpm | SHA-256: a7d7a59963cc746d52f470b2c7c8cc2f50b9abc684071aa205d4faff1e1c8522 |
| nodejs-packaging-26-1.module+el8.8.0+19857+6d2a104d.noarch.rpm | SHA-256: bd77288c2950311aaf1582c74e408acbb765d9aca00f089f449649762de12bdb |
| npm-8.19.4-1.16.20.2.4.module+el8.8.0+21791+70c4808d.1.x86_64.rpm | SHA-256: 22f3f9ac6aee83a6876cba320df6d9d9125e7abf51137e0af3808a5a36fb865e |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
