[ubuntu/bionic-security] nodejs 8.10.0~dfsg-2ubuntu0.2 (Accepted)

Mike Salvatore mike.salvatore at canonical.com
Tue Aug 14 11:55:43 UTC 2018


nodejs (8.10.0~dfsg-2ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 DoS vulnerability
    - debian/patches/CVE-2018-7161.patch: An attacker can cause a denial of
       service (DoS) by causing a node server providing an http2 server to
       crash by triggering a cleanup bug (use after free).
    - CVE-2018-7161
  *  Fix test failures due to expired certificates
    - debian/patches/regen-test-certs.patch: test: update certificates and
      private keys.

Date: 2018-08-13 19:15:11.767261+00:00
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
https://launchpad.net/ubuntu/+source/nodejs/8.10.0~dfsg-2ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the Bionic-changes mailing list